Permalink
Browse files

Check for permissions and nonces

  • Loading branch information...
nb committed Dec 19, 2012
1 parent 13c9c58 commit e447a3c5490cde0ef0aeb78a118731d587050da1
Showing with 2 additions and 1 deletion.
  1. +2 −1 liveblog.php
View
@@ -647,7 +647,8 @@ public function admin_ajax_set_liveblog_state_for_post() {
$post_id = isset( $_REQUEST['post_id'] )? $_REQUEST['post_id'] : 0;
$new_state = isset( $_REQUEST['state'] )? $_REQUEST['state'] : '';
- //TODO: check if the user can edit the post and nonce the request
+ self::ajax_current_user_can_edit_liveblog();
+ self::ajax_check_nonce();
if ( !$REQUEST = get_post( $post_id ) ) {
self::send_user_error( __( "Non-existing post ID: $post_id" , 'liveblog') );

0 comments on commit e447a3c

Please sign in to comment.