[wp-testers] "Are you sure you want to do this?" without button

Xavier Borderie xavier at borderie.net
Tue Nov 11 10:33:25 GMT 2008


> Normally, that action is a POST (instead of a GET) and you're also
> sending a nonce along with the request. The "are you sure" message is
> the result of not sending the nonce. That would normally pop up (if no
> nonce was send), not be a separate page.
>
> In other words, you should not point a browser to that URL directly.
> Go to wp-admin/update-core.php and then click the upgrade button
> instead.

Yup, I know about nonces and understand the reason behind that "are
you sure" message (hence my "which is
nothing unexpected" bit)  :)

My question was more related to the lack of possible "next action",
namely "yes or no" buttons. A question is being asked by WP, and I
cannot answer it: I see dead people.

If these buttons also require nonces (which would be normal to safely
perform the Yes action), then I think the code should at least offer a
way to go back to /wp-admin with a single click - and not having to
change the browser's URL. Hopefully nothing like
"onclick='history.back();'", which would beat the idea of helping
users who stumble upon the message not knowing why.

-- 
Xavier Borderie


More information about the wp-testers mailing list