Changeset 3435885
- Timestamp:
- 01/09/2026 12:13:53 PM (6 weeks ago)
- Location:
- course-box
- Files:
-
- 19 added
- 2 edited
-
tags/1.0.4 (added)
-
tags/1.0.4/assets (added)
-
tags/1.0.4/assets/admin.css (added)
-
tags/1.0.4/assets/admin.js (added)
-
tags/1.0.4/course-box.php (added)
-
tags/1.0.4/includes (added)
-
tags/1.0.4/includes/class-course-box-admin.php (added)
-
tags/1.0.4/includes/class-course-box-api.php (added)
-
tags/1.0.4/includes/class-course-box-core.php (added)
-
tags/1.0.4/includes/class-course-box-importer.php (added)
-
tags/1.0.4/includes/index.php (added)
-
tags/1.0.4/includes/traits (added)
-
tags/1.0.4/includes/traits/class-course-box-helper.php (added)
-
tags/1.0.4/includes/traits/class-course-box-logger.php (added)
-
tags/1.0.4/index.html (added)
-
tags/1.0.4/languages (added)
-
tags/1.0.4/languages/course-box.pot (added)
-
tags/1.0.4/readme.txt (added)
-
tags/1.0.4/uninstall.php (added)
-
trunk/course-box.php (modified) (2 diffs)
-
trunk/readme.txt (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
course-box/trunk/course-box.php
r3372308 r3435885 4 4 * Plugin URI: 5 5 * Description: A WordPress plugin that integrates with WooCommerce to import products from an external API with advanced features like pagination, search, and import. 6 * Version: 1.0. 36 * Version: 1.0.4 7 7 * Author: Coursebox Pty Ltd 8 8 * Author URI: https://www.coursebox.ai/ … … 296 296 */ 297 297 public function handle_import_ajax() { 298 check_ajax_referer('course_box_nonce', 'nonce'); 299 300 if (!current_user_can('manage_options')) { 301 wp_die( esc_html__( 'You do not have sufficient permissions to access this page.', 'course-box' ) ); 302 } 303 304 $course_data_raw = isset( $_POST['course_data'] ) 305 ? wp_unslash( sanitize_text_field( wp_unslash( $_POST['course_data'] ) ) ) 306 : ''; 307 $course_data = json_decode(stripslashes($course_data_raw), true); 308 309 if (!$course_data) { 310 wp_send_json_error(__('Invalid course data', 'course-box')); 311 } 312 313 $result = $this->import_course($course_data); 314 315 if ($result['success']) { 316 wp_send_json_success($result['data']); 317 } else { 318 wp_send_json_error($result['data']); 319 } 320 } 298 299 // 1. Security 300 check_ajax_referer('course_box_nonce', 'nonce'); 301 302 if ( ! current_user_can('manage_options') ) { 303 wp_send_json_error( 304 __('You do not have sufficient permissions to access this page.', 'course-box'), 305 403 306 ); 307 } 308 309 // 2. Validate presence 310 if ( empty($_POST['course_data']) ) { 311 wp_send_json_error(__('Missing course data', 'course-box'), 400); 312 } 313 314 // 3. Get RAW JSON (do NOT sanitize) 315 $course_data_raw = wp_unslash($_POST['course_data']); 316 317 // 4. Decode JSON 318 $course_data = json_decode($course_data_raw, true); 319 320 // 5. Validate JSON 321 if ( json_last_error() !== JSON_ERROR_NONE || ! is_array($course_data) ) { 322 wp_send_json_error( 323 __('Invalid course data', 'course-box') . ': ' . json_last_error_msg(), 324 400 325 ); 326 } 327 328 // 6. Import 329 $result = $this->import_course($course_data); 330 331 // 7. Response 332 if ( ! empty($result['success']) ) { 333 wp_send_json_success($result['data']); 334 } 335 336 wp_send_json_error( 337 $result['data'] ?? __('Import failed', 'course-box'), 338 500 339 ); 340 } 321 341 322 342 /** -
course-box/trunk/readme.txt
r3372308 r3435885 4 4 Requires at least: 5.0 5 5 Tested up to: 6.8 6 Stable tag: 1.0. 36 Stable tag: 1.0.4 7 7 Requires PHP: 7.4 8 8 License: GPLv2 or later
Note: See TracChangeset
for help on using the changeset viewer.