From cd4894370a8f21ba05ff2547bd11aa83fd114908 Mon Sep 17 00:00:00 2001 From: ryan Date: Tue, 18 Mar 2008 04:59:54 +0000 Subject: [PATCH] More nonce renewals from andy. fixes #6266 git-svn-id: http://svn.automattic.com/wordpress/trunk@7376 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-ajax.php | 12 +++++++++++- wp-includes/pluggable.php | 2 +- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php index a4ef690f79..74835b3dfe 100644 --- a/wp-admin/admin-ajax.php +++ b/wp-admin/admin-ajax.php @@ -520,8 +520,18 @@ case 'autosave' : // The name of this action is hardcoded in edit_post() if ( $do_lock && $id && is_numeric($id) ) wp_set_post_lock( $id ); - if ( $nonce_age == 2 ) + if ( $nonce_age == 2 ) { $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave'); + $supplemental['replace-getpermalinknonce'] = wp_create_nonce('getpermalink'); + $supplemental['replace-samplepermalinknonce'] = wp_create_nonce('samplepermalink'); + $supplemental['replace-closedpostboxesnonce'] = wp_create_nonce('closedpostboxes'); + if ( $id ) { + if ( $_POST['post_type'] == 'post' ) + $supplemental['replace-_wpnonce'] = wp_create_nonce('update-post_' . $id); + elseif ( $_POST['post_type'] == 'page' ) + $supplemental['replace-_wpnonce'] = wp_create_nonce('update-page_' . $id); + } + } $x = new WP_Ajax_Response( array( 'what' => 'autosave', diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 4c87877343..db7bf1ab83 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -953,7 +953,7 @@ if ( !function_exists('wp_nonce_tick') ) : * @return int */ function wp_nonce_tick() { - $nonce_life = apply_filters('nonce_life', 86400) / 2; + $nonce_life = apply_filters('nonce_life', 86400); return ceil(time() / ( $nonce_life / 2 )); }