X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/ff81ee6e8304a1982a3ec4f5b134764a29d502cf..0f29eadd474473203a1182f52af1aa82721cecbd:/wp-admin/themes.php

diff --git a/wp-admin/themes.php b/wp-admin/themes.php
index a17ea3cd..87678ff3 100644
--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@@ -2,7 +2,7 @@
 require_once('admin.php');
 
 if ( isset($_GET['action']) ) {
-	check_admin_referer();
+	check_admin_referer('switch-theme_' . $_GET['template']);
 	
 	if ('activate' == $_GET['action']) {
 		if ( isset($_GET['template']) )
@@ -13,7 +13,7 @@ if ( isset($_GET['action']) ) {
 		
 		do_action('switch_theme', get_current_theme());
 		
-		header('Location: themes.php?activated=true');
+		wp_redirect('themes.php?activated=true');
 		exit;
 	}
 }
@@ -69,7 +69,7 @@ foreach ($theme_names as $theme_name) {
 	$author = $themes[$theme_name]['Author'];
 	$screenshot = $themes[$theme_name]['Screenshot'];
 	$stylesheet_dir = $themes[$theme_name]['Stylesheet Dir'];
-	$activate_link = "themes.php?action=activate&template=$template&stylesheet=$stylesheet";
+	$activate_link = wp_nonce_url("themes.php?action=activate&template=$template&stylesheet=$stylesheet", 'switch-theme_' . $template);
 ?>
 <div class="available-theme">
 <h3><a href="<?php echo $activate_link; ?>"><?php echo "$title $version"; ?></a></h3>