Wordpress 2.0.11

[autoinstalls/wordpress.git] / wp-admin / link-import.php

diff --git a/wp-admin/link-import.php b/wp-admin/link-import.php
index 713686b3fb860398c4bdf3b7cb70e7d55b43bf6c..c6119e6fda3cd4d2ecb5b0a7c177b8e27a658173 100644 (file)
--- a/wp-admin/link-import.php
+++ b/wp-admin/link-import.php
@@ -24,8 +24,9 @@ switch ($step) {
 <div class="wrap">
 <h2><?php _e('Import your blogroll from another system') ?> </h2>
 <form enctype="multipart/form-data" action="link-import.php" method="post" name="blogroll">
+<?php wp_nonce_field('import-bookmarks') ?>
 
-<p><?php _e('If a program or website you use allows you to export your links or subscriptions as OPML you may import them here.'); ?>
+<p><?php _e('If a program or website you use allows you to export your links or subscriptions as OPML you may import them here.'); ?></p>
 <div style="width: 70%; margin: auto; height: 8em;">
 <input type="hidden" name="step" value="1" />
 <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
@@ -63,6 +64,8 @@ foreach ($categories as $category) {
             } // end case 0
 
     case 1: {
+               check_admin_referer('import-bookmarks');
+
                 include_once('admin-header.php');
                 if ( !current_user_can('manage_links') )
                     die (__("Cheatin' uh ?"));
@@ -71,10 +74,9 @@ foreach ($categories as $category) {
 
      <h2><?php _e('Importing...') ?></h2>
 <?php
-                $cat_id = $_POST['cat_id'];
-                if (($cat_id == '') || ($cat_id == 0)) {
-                    $cat_id  = 1;
-                }
+                               $cat_id = abs( (int) $_POST['cat_id'] );
+                               if ( $cat_id < 1 )
+                                       $cat_id  = 1;
 
                 $opml_url = $_POST['opml_url'];
                 if (isset($opml_url) && $opml_url != '' && $opml_url != 'http://') {