
Changeset 1489863


Timestamp:
09/04/2016 09:46:49 PM (10 years ago)
Author:
zubaka
Message:

Added sanitize check for text field

File:
1 edited

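--- a/zbplayer/trunk/zbPlayer.admin.php
+++ b/zbplayer/trunk/zbPlayer.admin.php
@@ -123,12 +123,8 @@
 // Business Logic
 if (isset($_POST['action'])) {
-    if (!isset($_POST['_wpnonce'])) {
+    if (!isset($_POST['_wpnonce']) || !check_admin_referer('zbp-update_options')) {
         die("There was a problem authenticating. Please log out and log back in");
     }
 
-    if (!check_admin_referer('zbp-update_options')) {
-        die("There was a problem authenticating. Please log out and log back in");
-    }
-
     if ($_POST['action'] == 'update') {
         update_option(
@@ -174,5 +170,5 @@
         update_option(
             'zbp_collect_field',
-            isset($_POST['zbp_collect_field']) ? $_POST['zbp_collect_field'] : ZBPLAYER_DEFAULT_COLLECT_FIELD
+            isset($_POST['zbp_collect_field']) ? sanitize_text_field($_POST['zbp_collect_field']) : ZBPLAYER_DEFAULT_COLLECT_FIELD
         );
 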
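Review bot: The new `sanitize_text_field()` call on new line 172 is given `$_POST['zbp_collect_field']` while it is still slashed, because WordPress adds slashes to request data, so a value containing quotes would be stored with stray backslashes; the usual form is `sanitize_text_field(wp_unslash($_POST['zbp_collect_field']))`. The `if ($_POST['action'] == 'update')` block opens in the first hunk and continues outside both hunks, so the `update_option()` calls between new lines 130 and 170 are not visible here; it is worth confirming that those options get a matching sanitizer rather than raw `$_POST` values. The merged nonce check on new line 125 establishes where the request came from, not who sent it, and no `current_user_can()` check appears in the visible lines, so presumably the capability is enforced where this file is loaded — confirm that.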