X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/8f374b7233bc2815ccc387e448d208c5434eb961..61343b82c4f0da4c68e4c6373daafff4a81efdd1:/wp-admin/includes/dashboard.php diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php index 6e7d5f0d..657402f9 100644 --- a/wp-admin/includes/dashboard.php +++ b/wp-admin/includes/dashboard.php @@ -131,6 +131,7 @@ function wp_dashboard_setup() { } if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['widget_id']) ) { + check_admin_referer( 'edit-dashboard-widget_' . $_POST['widget_id'], 'dashboard-widget-nonce' ); ob_start(); // hack - but the same hack wp-admin/widgets.php uses wp_dashboard_trigger_widget_control( $_POST['widget_id'] ); ob_end_clean(); @@ -182,6 +183,7 @@ function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_ function _wp_dashboard_control_callback( $dashboard, $meta_box ) { echo '
'; @@ -230,7 +232,7 @@ function wp_dashboard_right_now() { $num_tags = wp_count_terms('post_tag'); - $num_comm = wp_count_comments( ); + $num_comm = wp_count_comments(); echo "\n\t".'' . __('Content') . '
'."\n\t".'