IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
westi
2008-09-28 21:05:37 +00:00
parent 3a0c8ef52c
commit f419d59754
8 changed files with 48 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/admin-header.php
View File

@@ -150,7 +150,7 @@ if ( ! $is_opera ) {
</div>
<?php } ?>
<div id="user_info"><p><?php printf(__('Howdy, <a href="%1$s">%2$s</a>!'), 'profile.php', $user_identity) ?> | <a href="<?php echo site_url('wp-login.php?action=logout', 'login') ?>" title="<?php _e('Log Out') ?>"><?php _e('Log Out'); ?></a> <?php if ( ! $is_opera ) { ?> | <span id="gears-menu"><a href="#" onclick="wpGears.message(1);return false;"><?php _e('Turbo') ?></a></span><?php } ?></p></div>
<div id="user_info"><p><?php printf(__('Howdy, <a href="%1$s">%2$s</a>!'), 'profile.php', $user_identity) ?> | <a href="<?php echo wp_logout_url() ?>" title="<?php _e('Log Out') ?>"><?php _e('Log Out'); ?></a> <?php if ( ! $is_opera ) { ?> | <span id="gears-menu"><a href="#" onclick="wpGears.message(1);return false;"><?php _e('Turbo') ?></a></span><?php } ?></p></div>
<?php
require(ABSPATH . 'wp-admin/menu-header.php');