WordPress 4.6.2

[autoinstalls/wordpress.git] / wp-admin / includes / class-wp-screen.php

diff --git a/wp-admin/includes/class-wp-screen.php b/wp-admin/includes/class-wp-screen.php
index a7d9a1a5c34c13602f5e135605e8d0c96695dcf9..967875917c688dad2abb8a915d37cb7cbadf554a 100644 (file)
--- a/wp-admin/includes/class-wp-screen.php
+++ b/wp-admin/includes/class-wp-screen.php
@@ -915,7 +915,8 @@ final class WP_Screen {
 
                switch ( $this->base ) {
                        case 'widgets':
 
                switch ( $this->base ) {
                        case 'widgets':

-                               $this->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on">' . __('Enable accessibility mode') . '</a><a id="access-off" href="widgets.php?widgets-access=off">' . __('Disable accessibility mode') . "</a></p>\n";
+                               $nonce = wp_create_nonce( 'widgets-access' );
+                               $this->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on&_wpnonce=' . urlencode( $nonce ) . '">' . __('Enable accessibility mode') . '</a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce=' . urlencode( $nonce ) . '">' . __('Disable accessibility mode') . "</a></p>\n";

                                break;
                        case 'post' :
                                $expand = '<fieldset class="editor-expand hidden"><legend>' . __( 'Additional settings' ) . '</legend><label for="editor-expand-toggle">';
                                break;
                        case 'post' :
                                $expand = '<fieldset class="editor-expand hidden"><legend>' . __( 'Additional settings' ) . '</legend><label for="editor-expand-toggle">';