
Commit dc6629e

committed
More sanitization in the handling of form values received in AJAX.
1 parent c52e69f commit dc6629e

1 file changed

Lines changed: 12 additions & 12 deletions


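--- a/asyncjsAllAjax.php
+++ b/asyncjsAllAjax.php
@@ -381,18 +381,18 @@
 }
 break;
 case 'aj_save_settings':
-$aj_enabled = sanitize_text_field( $_POST['aj_enabled'] );
-$aj_enabled_logged = sanitize_text_field( $_POST['aj_enabled_logged'] );
-$aj_enabled_shop = sanitize_text_field( $_POST['aj_enabled_shop'] );
-$aj_method = sanitize_text_field( $_POST['aj_method'] );
-$aj_jquery = sanitize_text_field( $_POST['aj_jquery'] );
-$aj_async = sanitize_text_field( $_POST['aj_async'] );
-$aj_defer = sanitize_text_field( $_POST['aj_defer'] );
-$aj_exclusions = sanitize_text_field( $_POST['aj_exclusions'] );
-$aj_plugin_exclusions = $_POST['aj_plugin_exclusions'];
-$aj_theme_exclusions = $_POST['aj_theme_exclusions'];
-$aj_autoptimize_enabled = sanitize_text_field( $_POST['aj_autoptimize_enabled'] );
-$aj_autoptimize_method = sanitize_text_field( $_POST['aj_autoptimize_method'] );
+$aj_enabled = ( empty($_POST['aj_enabled'] ) ) ? '' : sanitize_text_field( $_POST['aj_enabled'] );
+$aj_enabled_logged = ( empty($_POST['aj_enabled_logged'] ) ) ? '' : sanitize_text_field( $_POST['aj_enabled_logged'] );
+$aj_enabled_shop = ( empty($_POST['aj_enabled_shop'] ) ) ? '' : sanitize_text_field( $_POST['aj_enabled_shop'] );
+$aj_method = ( empty($_POST['aj_method'] ) ) ? '' : sanitize_text_field( $_POST['aj_method'] );
+$aj_jquery =( empty($_POST['aj_jquery'] ) ) ? '' : sanitize_text_field( $_POST['aj_jquery'] );
+$aj_async = ( empty($_POST['aj_async'] ) ) ? '' : sanitize_text_field( $_POST['aj_async'] );
+$aj_defer = ( empty($_POST['aj_defer'] ) ) ? '' : sanitize_text_field( $_POST['aj_defer'] );
+$aj_exclusions = ( empty($_POST['aj_exclusions'] ) ) ? '' : sanitize_text_field( $_POST['aj_exclusions'] );
+$aj_plugin_exclusions = ( empty($_POST['aj_plugin_exclusions'] ) ) ? '' : array_map( 'sanitize_text_field', $_POST['aj_plugin_exclusions'] );
+$aj_theme_exclusions = ( empty($_POST['aj_theme_exclusions'] ) ) ? '' : array_map( 'sanitize_text_field', $_POST['aj_theme_exclusions'] ) ;
+$aj_autoptimize_enabled = ( empty($_POST['aj_autoptimize_enabled'] ) ) ? '' : sanitize_text_field( $_POST['aj_autoptimize_enabled'] );
+$aj_autoptimize_method = ( empty($_POST['aj_autoptimize_method'] ) ) ? '' : sanitize_text_field( $_POST['aj_autoptimize_method'] );
 update_option( 'aj_enabled', $aj_enabled );
 update_option( 'aj_enabled_logged', $aj_enabled_logged );
 update_option( 'aj_enabled_shop', $aj_enabled_shop );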
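Review bot: The two `array_map( 'sanitize_text_field', ... )` calls for `aj_plugin_exclusions` and `aj_theme_exclusions` assume the posted value is an array; a request that sends either field as a plain string passes the `empty()` guard and reaches `array_map()` with a non-array, which raises a warning or a TypeError depending on the PHP version. Guard on the type and unslash before sanitizing, e.g. `$aj_plugin_exclusions = ( empty( $_POST['aj_plugin_exclusions'] ) || ! is_array( $_POST['aj_plugin_exclusions'] ) ) ? '' : array_map( 'sanitize_text_field', wp_unslash( $_POST['aj_plugin_exclusions'] ) );`, and the same for the theme list. The scalar fields would likewise conventionally go through `wp_unslash()` before `sanitize_text_field()`, and `empty()` also maps a posted `'0'` to `''`, which is worth confirming against how these options are read back. The `aj_save_settings` case writes site options and its enclosing switch lies outside the hunk, so whether a nonce and capability check run before these lines cannot be confirmed from here.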
