
Changeset 3260765


Timestamp:
03/24/2025 11:57:00 AM (13 months ago)
Author:
wsxplugindev
Message:

tagging version 3.7

Location:
admin-dashboard-rss-feed/trunk
Files:
2 edited

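--- a/admin-dashboard-rss-feed/trunk/admin-rss-feed.php
+++ b/admin-dashboard-rss-feed/trunk/admin-rss-feed.php
@@ -5,5 +5,5 @@
 Plugin URI: https://www.webstix.com
 Author: Webstix
-Version:     3.6
+Version:     3.7
 Text Domain: admin-dashboard-rss-feed
 Author:      Webstix, Inc.
@@ -100,16 +100,17 @@
 function wsx_rss_feed_admin_settings()
 {
-    // Ensure request method is set before using it
-    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
-        if (!isset($_POST['wsx_rss_feed_nonce']) ||
-            !wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['wsx_rss_feed_nonce'])), 'wsx_rss_feed_nonce_action')) {
-            wp_die(esc_html__('Security check failed', 'admin-dashboard-rss-feed'));
-        }
-
-        // Save attachment ID
-        if (isset($_POST['image_attachment_id'])) {
-            update_option('wsx_rss_feed_image_attachment_id', absint($_POST['image_attachment_id']));
-        }
-    }
+    // Check if the request is a POST request
+    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
+
+        // Validate nonce correctly using $_REQUEST instead of $_POST
+        if (!isset($_REQUEST['_wpnonce']) && !wp_verify_nonce(sanitize_text_field(wp_unslash($_REQUEST['_wpnonce'])), 'wsx_rss_feed_nonce_action')) {           
+            wp_die(esc_html__('Security check failed', 'admin-dashboard-rss-feed'));
+        }
+   
+        // Sanitize and save the attachment ID
+        if (isset($_POST['image_attachment_id'])) {
+            update_option('wsx_rss_feed_image_attachment_id', absint($_POST['image_attachment_id']));
+        }
+    }
 
     if (!empty($_GET['page']) && $_GET['page'] == "admin-dashboard-rss-feed/admin-rss-feed.php") {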
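Review bot: The new nonce guard joins its two tests with `&&`, so whenever `_wpnonce` is present in the request `!isset(...)` is false, `wp_verify_nonce()` is never evaluated, and the POST is accepted whatever the nonce value is; only a request with no `_wpnonce` at all reaches `wp_die()`. The removed code used `||`, which is the correct form, so the line should read `if (!isset($_REQUEST['_wpnonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_REQUEST['_wpnonce'])), 'wsx_rss_feed_nonce_action')) {`. As written, the `update_option('wsx_rss_feed_image_attachment_id', ...)` write below it has no effective CSRF protection. No `current_user_can()` check is visible before the write either, though the function body continues past the hunk and the settings form that emits `_wpnonce` is not shown, so both should be confirmed there.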
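--- a/admin-dashboard-rss-feed/trunk/readme.txt
+++ b/admin-dashboard-rss-feed/trunk/readme.txt
@@ -5,5 +5,5 @@
 Requires at least: 4.7.5
 Tested up to: 6.7
-Stable Tag: 3.6
+Stable Tag: 3.7
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -147,2 +147,6 @@
 = 3.6 =
 * Updated the maximum number of posts in settings
+
+= 3.7 =
+* Fixed bugs
+* Fixed nonce issue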