WordPress.org
Get WordPress

Plugin Directory

Changeset 3129711


Ignore:
Timestamp:
08/01/2024 07:47:32 PM (20 months ago)
Author:
pushlydev
Message:

Release 2.1.4

File:
1 edited

Legend:

Unmodified
Added
Removed

  • pushly/trunk/includes/admin/class-pushly-admin-post.php

    r3129044 r3129711  
    570570    ) {
    571571        $meta = [];
     572
     573        if ( ! current_user_can( 'edit_posts' ) ) {
     574            Pushly_Admin_Util::log_to_event_stream( "insufficient_capability", "Did not send notification due to missing edit_posts capability." );
     575
     576            return [];
     577        }
     578
     579        /*
     580         * Requests that use the classic editor and quick edit send data via $_POST
     581         */
    572582        if ( ! empty( $_POST ) ) {
    573             // Requests from the Classic Editor (and quick edit) use $_POST
    574             if ( ! current_user_can( 'edit_posts' ) ) {
    575                 Pushly_Admin_Util::log_to_event_stream( "insufficient_capability", "Did not send notification due to missing edit_posts capability." );
    576 
    577                 return [];
    578             }
    579 
    580             /*
    581              * Ensure nonces are set for Classic editor
    582              *
    583              * First, check if this is from quick edit (inlineditnonce)
    584              * Next, check if this is from pushly meta box
    585              *
    586              * If neither of these operations validates a nonce we shouldn't do anything
    587              */
    588             if ( ! check_ajax_referer( 'inlineeditnonce', '_inline_edit', false ) ) {
    589                 // need to verify valid nonce
    590 
    591                 if ( empty( $_POST['pushly_meta_box_nonce'] )
    592                      || ! wp_verify_nonce( $_POST['pushly_meta_box_nonce'], 'pushly_save_notification_meta_box' )
    593                 ) {
    594                     Pushly_Admin_Util::log_to_event_stream( "invalid_nonce", "Did not send notification due to invalid pushly_meta_box_nonce nonce." );
    595 
    596                     return $meta;
    597                 }
    598             }
    599 
    600583            foreach ( $_POST as $key => $value ) {
    601584                if ( str_starts_with( $key, "pushly_" ) ) {
     
    603586                }
    604587            }
    605         } else {
    606             /*
    607              * Requests that use the API/Gutenberg use a JSON post body rather than a form POST. We will
    608              * decode the body here into an associative array and assign `meta` the same way it
    609              * would have come in from $_POST.
    610              */
    611             $json = file_get_contents( 'php://input' );
    612             if ( $json ) {
    613                 $json = json_decode( $json, true );
    614                 if ( isset( $json['meta'] ) ) {
    615                     $meta = $json['meta'];
     588        }
     589
     590        /*
     591         * Requests that use the API/Gutenberg use a JSON post body rather than a form POST. We will
     592         * decode the body here into an associative array and assign `meta` the same way it
     593         * would have come in from $_POST.
     594         */
     595        $json = file_get_contents( 'php://input' );
     596        if ( $json ) {
     597            $json = json_decode( $json, true );
     598            if ( ! empty( $json['meta'] ) && is_array( $json['meta'] ) ) {
     599                foreach ( $json['meta'] as $key => $value ) {
     600                    if ( str_starts_with( $key, "pushly_" ) ) {
     601                        $meta[ $key ] = $value;
     602                    }
    616603                }
    617604            }
Note: See TracChangeset for help on using the changeset viewer.