Changeset 3469008
- Timestamp:
- 02/25/2026 03:01:06 AM (5 weeks ago)
- Location:
- news-element/trunk/admin
- Files:
-
- 2 edited
-
inc/dash.php (modified) (3 diffs)
-
lib/index.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
news-element/trunk/admin/inc/dash.php
r3468177 r3469008 22 22 public function ne_display_import_sites() { 23 23 24 if ( !isset($_POST['nonce']) || !current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), ' wp_rest')) {24 if ( !isset($_POST['nonce']) || !current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), 'newselement-nonce')) { 25 25 exit; 26 26 } 27 27 28 28 $data = get_option('news24lib'); 29 29 … … 135 135 'ajax_url' => admin_url( 'admin-ajax.php' ), 136 136 'site_url' => home_url(), 137 'nonce' => wp_create_nonce( 'newselement-nonce' ), 137 138 ); 138 139 wp_enqueue_script('ne_admin_demo', plugin_dir_url( __FILE__ ).'assets/admin.js',array('jquery','masonry'), NEWS_ELM_VERSION, true); … … 165 166 public static function ne_import_data(){ 166 167 167 if ( !isset($_POST['nonce']) || !current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), ' wp_rest')) {168 if ( !isset($_POST['nonce']) || !current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), 'newselement-nonce')) { 168 169 exit; 169 170 } -
news-element/trunk/admin/lib/index.php
r3468177 r3469008 98 98 function ajax_data(){ 99 99 //phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotValidated 100 if (!current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), ' wp_rest')) {100 if (!current_user_can('manage_options') || !wp_verify_nonce( sanitize_text_field(wp_unslash($_POST['nonce'])), 'newselement-nonce')) { 101 101 exit; 102 102 }
Note: See TracChangeset
for help on using the changeset viewer.