From f5cdbd1ded1e54b9ddd81823c50b457b62b96574 Mon Sep 17 00:00:00 2001
From: nacin <nacin@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Tue, 11 Jan 2011 22:42:22 +0000
Subject: [PATCH] Add nonces to instances where the list table display() method
 is overridden. see #16188.

git-svn-id: http://svn.automattic.com/wordpress/trunk@17262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/includes/class-wp-comments-list-table.php      | 4 ++++
 wp-admin/includes/class-wp-theme-install-list-table.php | 2 ++
 wp-admin/includes/class-wp-themes-list-table.php        | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/wp-admin/includes/class-wp-comments-list-table.php b/wp-admin/includes/class-wp-comments-list-table.php
index d76b02ba4b..0cba0a1ed0 100644
--- a/wp-admin/includes/class-wp-comments-list-table.php
+++ b/wp-admin/includes/class-wp-comments-list-table.php
@@ -266,6 +266,8 @@ class WP_Comments_List_Table extends WP_List_Table {
 	function display() {
 		extract( $this->_args );
 
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+
 		$this->display_tablenav( 'top' );
 
 ?>
@@ -533,6 +535,8 @@ class WP_Post_Comments_List_Table extends WP_Comments_List_Table {
 
 	function display( $output_empty = false ) {
 		extract( $this->_args );
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 <table class="<?php echo implode( ' ', $this->get_table_classes() ); ?>" cellspacing="0" style="display:none;">
 	<tbody id="the-comment-list"<?php if ( $singular ) echo " class='list:$singular'"; ?>>
diff --git a/wp-admin/includes/class-wp-theme-install-list-table.php b/wp-admin/includes/class-wp-theme-install-list-table.php
index 152775f106..f1dc411093 100644
--- a/wp-admin/includes/class-wp-theme-install-list-table.php
+++ b/wp-admin/includes/class-wp-theme-install-list-table.php
@@ -126,6 +126,8 @@ class WP_Theme_Install_List_Table extends WP_List_Table {
 	}
 
 	function display() {
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 		<div class="tablenav top">
 			<div class="alignleft actions">
diff --git a/wp-admin/includes/class-wp-themes-list-table.php b/wp-admin/includes/class-wp-themes-list-table.php
index a91c73d110..97ae61c5db 100644
--- a/wp-admin/includes/class-wp-themes-list-table.php
+++ b/wp-admin/includes/class-wp-themes-list-table.php
@@ -84,6 +84,8 @@ class WP_Themes_List_Table extends WP_List_Table {
 	}
 
 	function display() {
+
+		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
 		<div class="tablenav top">
 			<?php $this->pagination( 'top' ); ?>