10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- fixed profile form nonce;

Browse Source 
- fixed profile form getting ID and data;
- fixed class-access.php when restricted taxonomies are disabled;
This commit is contained in:
Nikita Sinelnikov
2021-08-19 12:58:13 +03:00
parent 6e4ed30171
commit 5d773256b9
4 changed files with 32 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/class-fields.php
+11
View File
@@ -709,6 +709,12 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
return '';
}
if ( 'profile' === $this->set_mode ) {
if ( ! isset( UM()->form()->post_form['profile_nonce'] ) || UM()->form()->post_form['profile_nonce'] !== UM()->form()->nonce ) {
return '';
}
}
return stripslashes_deep( UM()->form()->post_form[ $key ] );
} elseif ( um_user( $key ) && $this->editing == true ) {
@@ -3879,6 +3885,11 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
UM()->form()->form_suffix = '-' . $this->global_args['form_id'];
$this->set_mode = $mode;
if ( 'profile' === $mode ) {
UM()->form()->nonce = wp_create_nonce( 'um-profile-nonce' . UM()->user()->target_id );
}
$this->set_id = $this->global_args['form_id'];
$this->field_icons = ( isset( $this->global_args['icons'] ) ) ? $this->global_args['icons'] : 'label';