[wp-hackers] (no subject)

Brian Layman Brian at TheCodeCave.com
Wed Apr 19 21:36:04 GMT 2006

Michael said something like:
>Of particular interest to me was Bryan Layman's reply [2] suggesting  
>that GETs be met with an approval screen and POSTs be checked by  
>check_admin_referer() (or whatever security system) before going on  
>their merry state changing way.
>[2] http://comox.textdrive.com/pipermail/wp-hackers/2006-April/ 
Actually, that was Paul Mitchell :) but I agree that it is a interesting
idea especially if the post required a nonce to succeed where as the Get
would not need it.  It provides a handy solution for book marking and
emailing destructive links.  It's a lot more code and testing  but it is a
very interesting idea...

More information about the wp-hackers mailing list