WordPress.org
Get WordPress

Plugin Directory

Changeset 2939014


Ignore:
Timestamp:
07/15/2023 05:58:06 PM (20 months ago)
Author:
firmcatalyst
Message:

fixed a nonce bug

Location:
fcp-first-screen-css
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • fcp-first-screen-css/tags/1.5/first-screen.php

    r2936748 r2939014  
    33Plugin Name: FCP First Screen CSS
    44Description: Insert inline CSS to the head of the website, so the first screen renders with no jumps, which might improve the CLS web vital. Or for any other reason.
    5 Version: 1.5.01
     5Version: 1.5.02
    66Requires at least: 5.8
    77Tested up to: 6.1
     
    302302
    303303    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { return; }
    304     if ( empty( $_POST[ FCPFSC_VER.'nounce-name' ] ) || !wp_verify_nonce( $_POST[ FCPFSC_PREF.'nounce-name' ], FCPFSC_PREF.'nounce-action' ) ) { return; }
    305     //if ( !current_user_can( 'edit_post', $postID ) ) { return; }
     304    if ( empty( $_POST[ FCPFSC_PREF.'nonce' ] ) || !wp_verify_nonce( $_POST[ FCPFSC_PREF.'nonce' ], FCPFSC_PREF.'nonce' ) ) { return; }
    306305    if ( !current_user_can( 'administrator' ) ) { return; }
    307306
     
    736735    ]);
    737736
    738     wp_nonce_field( FCPFSC_PREF.'nounce-action', FCPFSC_PREF.'nounce-name' );
     737    ?>
     738    <input type="hidden" name="<?php echo esc_attr( FCPFSC_PREF ) ?>nonce" value="<?= esc_attr( wp_create_nonce( FCPFSC_PREF.'nonce' ) ) ?>">
     739    <?php
    739740}
    740741
     
    809810    ]);
    810811
    811     wp_nonce_field( FCPFSC_PREF.'nounce-action', FCPFSC_PREF.'nounce-name' );
     812    ?>
     813    <input type="hidden" name="<?php echo esc_attr( FCPFSC_PREF ) ?>nonce" value="<?= esc_attr( wp_create_nonce( FCPFSC_PREF.'nonce' ) ) ?>">
     814    <?php
    812815}
    813816

  • fcp-first-screen-css/tags/1.5/readme.txt

    r2936748 r2939014  
    55Tested up to: 6.2
    66Requires PHP: 7.4
    7 Stable tag: 1.5.01
     7Stable tag: 1.5.02
    88Author: Firmcatalyst, Vadim Volkov
    99Author URI: https://firmcatalyst.com

  • fcp-first-screen-css/trunk/first-screen.php

    r2936748 r2939014  
    33Plugin Name: FCP First Screen CSS
    44Description: Insert inline CSS to the head of the website, so the first screen renders with no jumps, which might improve the CLS web vital. Or for any other reason.
    5 Version: 1.5.01
     5Version: 1.5.02
    66Requires at least: 5.8
    77Tested up to: 6.1
     
    302302
    303303    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { return; }
    304     if ( empty( $_POST[ FCPFSC_VER.'nounce-name' ] ) || !wp_verify_nonce( $_POST[ FCPFSC_PREF.'nounce-name' ], FCPFSC_PREF.'nounce-action' ) ) { return; }
    305     //if ( !current_user_can( 'edit_post', $postID ) ) { return; }
     304    if ( empty( $_POST[ FCPFSC_PREF.'nonce' ] ) || !wp_verify_nonce( $_POST[ FCPFSC_PREF.'nonce' ], FCPFSC_PREF.'nonce' ) ) { return; }
    306305    if ( !current_user_can( 'administrator' ) ) { return; }
    307306
     
    736735    ]);
    737736
    738     wp_nonce_field( FCPFSC_PREF.'nounce-action', FCPFSC_PREF.'nounce-name' );
     737    ?>
     738    <input type="hidden" name="<?php echo esc_attr( FCPFSC_PREF ) ?>nonce" value="<?= esc_attr( wp_create_nonce( FCPFSC_PREF.'nonce' ) ) ?>">
     739    <?php
    739740}
    740741
     
    809810    ]);
    810811
    811     wp_nonce_field( FCPFSC_PREF.'nounce-action', FCPFSC_PREF.'nounce-name' );
     812    ?>
     813    <input type="hidden" name="<?php echo esc_attr( FCPFSC_PREF ) ?>nonce" value="<?= esc_attr( wp_create_nonce( FCPFSC_PREF.'nonce' ) ) ?>">
     814    <?php
    812815}
    813816

  • fcp-first-screen-css/trunk/readme.txt

    r2936748 r2939014  
    55Tested up to: 6.2
    66Requires PHP: 7.4
    7 Stable tag: 1.5.01
     7Stable tag: 1.5.02
    88Author: Firmcatalyst, Vadim Volkov
    99Author URI: https://firmcatalyst.com
Note: See TracChangeset for help on using the changeset viewer.