Administration: Ensure that admin referer nonce is valid.

Coding standards, ensure that nonce is valid with identical, rather then equal operator. Backports [46477] to the 5.2 branch. Props vortfu, xknown, whyisjake. Built from https://develop.svn.wordpress.org/branches/5.2@46486 git-svn-id: http://core.svn.wordpress.org/branches/5.2@46284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
dziudek · Oct 14, 2019 · 0ca5695 · 0ca5695
1 parent cbc773d
commit 0ca5695
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
@@ -1092,7 +1092,7 @@ function auth_redirect() {
 	 *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
 	 */
 	function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
-		if ( -1 == $action ) {
+		if ( -1 === $action ) {
 			_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );
 		}
 
@@ -1111,7 +1111,7 @@ function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
 		 */
 		do_action( 'check_admin_referer', $action, $result );
 
-		if ( ! $result && ! ( -1 == $action && strpos( $referer, $adminurl ) === 0 ) ) {
+		if ( ! $result && ! ( -1 === $action && strpos( $referer, $adminurl ) === 0 ) ) {
 			wp_nonce_ays( $action );
 			die();
 		}

diff --git a/wp-includes/version.php b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.2.4-alpha-46484';
+$wp_version = '5.2.4-alpha-46486';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.