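/**
 * Display "Are You Sure" message to confirm the action being taken.
 *
 * If the action has the nonce explain message, then it will be displayed along
 * with the "Are you sure?" message.
 *
 * The markup is assembled from request-derived values (the action name and the
 * HTTP referer), so each value is escaped at the point where it is written
 * into the HTML.
 *
 * @package WordPress
 * @subpackage Security
 * @since 2.0.4
 *
 * @param string $action The nonce action.
 */
function wp_nonce_ays($action) {
	$title = __('WordPress Failure Notice');
	$html = wp_specialchars(wp_explain_nonce($action));
	$referer = wp_get_referer();
	if ($referer) {
		// Remove the query argument from the raw referer first and escape the
		// result last. Escaping before remove_query_arg() hands an already
		// entity-encoded URL to the query-string rewriter and leaves its
		// output unescaped inside the href attribute.
		$html .= "</p><p><a href='" . clean_url(remove_query_arg('updated', $referer)) . "'>" . __('Please try again.') . "</a>";
	} elseif ('log-out' == $action) {
		// No referer to go back to: offer a log-out link that carries its own
		// 'log-out' nonce.
		// NOTE(review): the wp_nonce_url() result is placed in the href as-is;
		// confirm it returns an attribute-safe URL.
		$html .= "</p><p>" . sprintf(__("Do you really want to <a href='%s'>log out</a>?"), wp_nonce_url(site_url('wp-login.php?action=logout', 'login'), 'log-out'));
	}
	wp_die($html, $title);
}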
/**
 * Display "Are You Sure" message to confirm the action being taken.
 *
 * The nonce explanation for the action is shown first. A 'log-out' action then
 * gets a log-out confirmation link; any other action gets a "Please try again."
 * link back to the referer when one is available. The page is sent with an
 * HTTP 403 response code.
 *
 * @package WordPress
 * @subpackage Security
 * @since 2.0.4
 *
 * @param string $action The nonce action.
 */
function wp_nonce_ays($action) {
	$title = __('WordPress Failure Notice');
	$html = esc_html(wp_explain_nonce($action));

	if ('log-out' == $action) {
		// The log-out case takes precedence over the referer link.
		$logout_prompt = sprintf(__("Do you really want to <a href='%s'>log out</a>?"), wp_logout_url());
		$html .= "</p><p>" . $logout_prompt;
	} else {
		$referer = wp_get_referer();
		if ($referer) {
			// The query argument is stripped from the raw referer and the
			// result is escaped as the final step before it enters the href.
			$retry_url = esc_url(remove_query_arg('updated', $referer));
			$html .= "</p><p><a href='" . $retry_url . "'>" . __('Please try again.') . "</a>";
		}
	}

	wp_die($html, $title, array('response' => 403));
}
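/**
 * Display the nonce failure notice for an action.
 *
 * Shows the escaped nonce explanation and, when a referer is available, a
 * "Please try again." link back to it, then stops via wp_die().
 *
 * @param string $action The nonce action.
 */
function wp_nonce_ays($action) {
	$title = __('WordPress Failure Notice');
	$html = wp_specialchars(wp_explain_nonce($action)) . '</p>';
	$referer = wp_get_referer();
	if ($referer) {
		// Escape last: strip 'updated' from the raw referer, then run the
		// result through clean_url() so the value written into the href is
		// the escaped one. The previous order escaped first and emitted the
		// unescaped output of remove_query_arg().
		$html .= "<p><a href='" . clean_url(remove_query_arg('updated', $referer)) . "'>" . __('Please try again.') . "</a>";
	}
	wp_die($html, $title);
}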
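/**
 * Display a confirmation page for an action, with "No" and "Yes" choices.
 *
 * For a POST request the submitted fields are replayed as hidden inputs in a
 * form that also carries a newly created nonce for the action; otherwise "Yes"
 * is a link to the current request URI with the nonce added. "No" links back
 * to the referer, or to the admin area when there is no referer.
 *
 * Because the page hands out a fresh nonce, the user's choice of "Yes" is what
 * authorises the action, so every value written into the markup is escaped.
 *
 * @param string $action The nonce action.
 */
function wp_nonce_ays($action) {
	global $pagenow, $menu, $submenu, $parent_file, $submenu_file;

	// Target of the "No" link. Both the referer and the site URL fallback are
	// escaped, since the value is interpolated into an href attribute below.
	$adminurl = wp_get_referer();
	if ( !$adminurl )
		$adminurl = get_option('siteurl') . '/wp-admin';
	$adminurl = clean_url($adminurl);

	$title = __('WordPress Confirmation');
	// Start from an empty string; appending to an undefined variable raises a notice.
	$html = '';
	// Remove extra layer of slashes.
	$_POST = stripslashes_deep($_POST );
	if ( $_POST ) {
		// Flatten the (possibly nested) POST array into key=value pairs so each
		// one can be replayed as a hidden field.
		$q = http_build_query($_POST);
		$q = explode( ini_get('arg_separator.output'), $q);
		$html .= "\t<form method='post' action='" . attribute_escape($pagenow) . "'>\n";
		foreach ( (array) $q as $a ) {
			// Split on the first '=': $v is everything after it, $k everything before.
			$v = substr(strstr($a, '='), 1);
			$k = substr($a, 0, -(strlen($v)+1));
			// Decode the URL encoding, then escape for the attribute context.
			$html .= "\t\t<input type='hidden' name='" . attribute_escape(urldecode($k)) . "' value='" . attribute_escape(urldecode($v)) . "' />\n";
		}
		$html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n";
		$html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n";
	} else {
		// Non-POST request: "Yes" re-requests the same URI with the nonce
		// appended; the whole URL is escaped after the argument is added.
		$html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . clean_url(add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] )) . "'>" . __('Yes') . "</a></p>\n\t</div>\n";
	}
	$html .= "</body>\n</html>";
	wp_die($html, $title);
}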
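/**
 * Build the confirmation question for a nonce action.
 *
 * The action is matched against "verb-noun", optionally followed by
 * "_object". Known verb/noun pairs get a plugin-specific question and may be
 * confirmed; anything else falls back to wp_explain_nonce() and may not.
 *
 * NOTE(review): the returned description can embed a post title or the raw
 * object part of the action and is not escaped here; confirm that callers
 * escape it at output.
 *
 * @param string|int $action The nonce action, or -1.
 * @return array|null array($description, $allow_proceed), or null when the
 *                    action is -1 or contains no verb-noun part.
 */
private function explain_nonce($action) {
	global $Ktai_Style;
	// Detach the plugin's shrink_title filter from 'the_title' (priority 90)
	// before any title lookup below; presumably so the full title is shown.
	remove_filter('the_title', array($Ktai_Style->shrinkage, 'shrink_title'), 90);
	if ($action === -1 || !preg_match('/([a-z]+)-([a-z]+)(_(.+))?/', $action, $matches)) {
		return;
	}
	$verb = $matches[1];
	$noun = $matches[2];
	// Each entry: array(message format, optional lookup). The lookup is either
	// a function name that turns the object into a display string, or the
	// marker 'use_id' meaning the object is shown as-is.
	$trans = array();
	$trans['change']['cats'] = array(__('Are you sure you want to change categories of this post: "%s"?', 'ktai_style'), 'get_the_title');
	$trans['unapprove']['comment'] = array(__('Are you sure you want to unapprove the comment: "%s"?', 'ktai_style'), 'use_id');
	$trans['approve']['comment'] = array(__('Are you sure you want to approve the comment: "%s"?', 'ktai_style'), 'use_id');
	$trans['delete']['comment'] = array(__('Are you sure you want to delete the comment: "%s"?', 'ktai_style'), 'use_id');
	$trans['delete']['post'] = array(__('Are you sure you want to delete this post: "%s"?', 'ktai_style'), 'get_the_title');
	$trans['delete']['page'] = array(__('Are you sure you want to delete this page: "%s"?', 'ktai_style'), 'get_the_title');
	$trans['bulk']['spamdelete'] = array(__('Are you sure you want to delete all spam?', 'ktai_style'));
	if (isset($trans[$verb][$noun])) {
		if (!empty($trans[$verb][$noun][1])) {
			$lookup = $trans[$verb][$noun][1];
			// The "_object" group is optional in the pattern, so $matches[4]
			// is absent for actions such as "delete-post"; read it guardedly
			// instead of triggering an undefined-offset notice.
			$object = isset($matches[4]) ? $matches[4] : null;
			if ('use_id' != $lookup) {
				// $lookup only ever comes from the fixed table above, never
				// from the request.
				$object = call_user_func($lookup, $object);
			}
			$desc = sprintf($trans[$verb][$noun][0], $object);
		} else {
			$desc = $trans[$verb][$noun][0];
		}
		$allow_proceed = true;
	} else {
		$desc = wp_explain_nonce($action);
		$allow_proceed = false;
	}
	return array($desc, $allow_proceed);
}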
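/**
 * Display the nonce failure notice for an action.
 *
 * Shows the escaped nonce explanation inside a message box and, when a referer
 * is available, a "Please try again." link back to it, then stops via wp_die().
 *
 * @param string $action The nonce action.
 */
function wp_nonce_ays($action) {
	global $pagenow;
	$title = __('WordPress Failure Notice');
	// Assign rather than append: $html does not exist yet at this point, and
	// appending to an undefined variable raises a notice.
	$html = "\t<div id='message' class='updated fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p>";
	$referer = wp_get_referer();
	if ($referer) {
		// Escape last: strip 'updated' from the raw referer, then pass the
		// result through clean_url() so the href receives the escaped value.
		$html .= "<a href='" . clean_url(remove_query_arg('updated', $referer)) . "'>" . __('Please try again.') . "</a>";
	}
	$html .= "</p>\n\t</div>\n";
	$html .= "</body>\n</html>";
	wp_die($html, $title);
}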