- intermediate results with sanitizing form handlers;

Nikita Sinelnikov
2021-06-29 02:51:54 +03:00
parent 23d1b982a4
commit 07e664be80
63 changed files with 4337 additions and 2812 deletions
+3 -3
@@ -28,7 +28,7 @@ if ( ! class_exists( 'um\admin\Admin_Functions' ) ) {
* @param bool $action
*/
function check_ajax_nonce( $action = false ) {
$nonce = isset( $_REQUEST['nonce'] ) ? $_REQUEST['nonce'] : '';
$nonce = isset( $_REQUEST['nonce'] ) ? sanitize_text_field( $_REQUEST['nonce'] ) : '';
$action = empty( $action ) ? 'um-admin-nonce' : $action;
if ( ! wp_verify_nonce( $nonce, $action ) ) {
@@ -81,7 +81,7 @@ if ( ! class_exists( 'um\admin\Admin_Functions' ) ) {
if ( in_array( $post_type, $cpt ) ) {
return true;
}
} elseif ( isset( $_REQUEST['action'] ) && $_REQUEST['action'] == 'edit' ) {
} elseif ( isset( $_REQUEST['action'] ) && sanitize_key( $_REQUEST['action'] ) == 'edit' ) {
$post_type = get_post_type();
if ( in_array( $post_type, $cpt ) ) {
return true;
@@ -113,4 +113,4 @@ if ( ! class_exists( 'um\admin\Admin_Functions' ) ) {
return false;
}
}
}
}
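Review bot: In the first hunk the new line `$nonce = isset( $_REQUEST['nonce'] ) ? sanitize_text_field( $_REQUEST['nonce'] ) : '';` sanitizes the request value but never unslashes it, so the WordPress coding-standard input check will still flag the line; the conventional form is `sanitize_text_field( wp_unslash( $_REQUEST['nonce'] ) )`. Because wp_verify_nonce() only ever compares the value against a short hex token, `sanitize_key()` is a tighter fit than sanitize_text_field(), which is designed for free text. The same missing wp_unslash() applies to the `$_REQUEST['action']` line in the second hunk, where the rewritten comparison also keeps a loose `==`; sanitize_key() always returns a string, so `sanitize_key( wp_unslash( $_REQUEST['action'] ) ) === 'edit'` is the safe form. The function enclosing that second hunk starts outside the hunk, and check_ajax_nonce()'s body continues past the first one.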