Changeset 2810503
- Timestamp:
- 11/03/2022 12:00:34 AM (3 years ago)
- Location:
- log-http-requests/trunk
- Files:
-
- 2 edited
-
log-http-requests.php (modified) (4 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
log-http-requests/trunk/log-http-requests.php
r2770821 r2810503 3 3 Plugin Name: Log HTTP Requests 4 4 Description: Log all those pesky WP HTTP requests 5 Version: 1. 3.25 Version: 1.4 6 6 Author: FacetWP, LLC 7 7 Author URI: https://facetwp.com/ … … 35 35 36 36 // setup variables 37 define( 'LHR_VERSION', '1. 3.2' );37 define( 'LHR_VERSION', '1.4' ); 38 38 define( 'LHR_DIR', dirname( __FILE__ ) ); 39 39 define( 'LHR_URL', plugins_url( '', __FILE__ ) ); … … 101 101 102 102 103 function validate() { 104 if ( ! current_user_can( 'manage_options' ) ) { 105 wp_die(); 106 } 107 108 check_ajax_referer( 'lhr_nonce' ); 109 } 110 111 103 112 function lhr_query() { 104 check_ajax_referer( 'lhr_nonce' ); 105 106 $args = $_POST['data']; 113 $this->validate(); 107 114 108 115 $output = [ 109 'rows' => LHR()->query->get_results( $ args),116 'rows' => LHR()->query->get_results( $_POST['data'] ), 110 117 'pager' => LHR()->query->paginate() 111 118 ]; … … 116 123 117 124 function lhr_clear() { 118 check_ajax_referer( 'lhr_nonce');125 $this->validate(); 119 126 120 127 LHR()->query->truncate_table(); -
log-http-requests/trunk/readme.txt
r2770821 r2810503 3 3 Tags: log, wp_http, requests, update checks, api 4 4 Requires at least: 5.0 5 Tested up to: 6. 0.15 Tested up to: 6.1 6 6 Stable tag: trunk 7 7 License: GPLv2 … … 49 49 == Changelog == 50 50 51 = 1.4 = 52 * Added extra ajax role validation (props pluginvulnerabilities.com) 53 51 54 = 1.3.2 = 52 55 * Escaped URL field to prevent possible XSS (props Bishop Fox)
Note: See TracChangeset
for help on using the changeset viewer.