File tree 3 files changed +5
-2
lines changed
3 files changed +5
-2
lines changed Original file line number Diff line number Diff line change @@ -915,7 +915,8 @@ public function show_screen_options() {
915915
916916 switch ( $ this ->base ) {
917917 case 'widgets ' :
918- $ this ->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on"> ' . __ ('Enable accessibility mode ' ) . '</a><a id="access-off" href="widgets.php?widgets-access=off"> ' . __ ('Disable accessibility mode ' ) . "</a></p> \n" ;
918+ $ nonce = wp_create_nonce ( 'widgets-access ' );
919+ $ this ->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on&_wpnonce= ' . urlencode ( $ nonce ) . '"> ' . __ ('Enable accessibility mode ' ) . '</a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce= ' . urlencode ( $ nonce ) . '"> ' . __ ('Disable accessibility mode ' ) . "</a></p> \n" ;
919920 break ;
920921 case 'post ' :
921922 $ expand = '<fieldset class="editor-expand hidden"><legend> ' . __ ( 'Additional settings ' ) . '</legend><label for="editor-expand-toggle"> ' ;
Original file line number Diff line number Diff line change 2222
2323$ widgets_access = get_user_setting ( 'widgets_access ' );
2424if ( isset ($ _GET ['widgets-access ' ]) ) {
25+ check_admin_referer ( 'widgets-access ' );
26+
2527 $ widgets_access = 'on ' == $ _GET ['widgets-access ' ] ? 'on ' : 'off ' ;
2628 set_user_setting ( 'widgets_access ' , $ widgets_access );
2729}
Original file line number Diff line number Diff line change 44 *
55 * @global string $wp_version
66 */
7- $ wp_version = '4.8-alpha-39759 ' ;
7+ $ wp_version = '4.8-alpha-39760 ' ;
88
99/**
1010 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
You can’t perform that action at this time.
0 commit comments