Changeset 3483168
- Timestamp:
- 03/15/2026 03:11:45 PM (2 weeks ago)
- Location:
- adscale-ai/trunk
- Files:
-
- 2 edited
-
adscale-ai.php (modified) (1 diff)
-
src/PluginApi/Order.php (modified) (4 diffs)
-
adscale-ai/trunk/adscale-ai.php
r3482917 r3483168 23 23 defined( 'ABSPATH' ) || exit; // Exit if accessed directly. 24 24 use AdScale\App; 25 define( 'ADSCALE_INTERNAL_MODULE_VERSION', 'v2026031 1-M' );25 define( 'ADSCALE_INTERNAL_MODULE_VERSION', 'v20260315-M' ); 26 26 define( 'ADSCALE_PLUGIN_DIR', __DIR__ ); 27 27 define( 'ADSCALE_PLUGIN_FILE', __FILE__ ); -
adscale-ai/trunk/src/PluginApi/Order.php
r3482917 r3483168 53 53 54 54 public static function checkRequest() { 55 // nosemgrep: scanner.php.wp.security.csrf.nonce-check-not-dying 55 56 56 parent::checkRequest(); 57 // Nonce verification (accepts both query/body and two common names)58 $nonce = '';59 if ( isset( $_REQUEST['_wpnonce'] ) ) {60 $nonce = sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) );61 } elseif ( isset( $_REQUEST['adscale_nonce'] ) ) {62 $nonce = sanitize_text_field( wp_unslash( $_REQUEST['adscale_nonce'] ) );63 }64 if ( empty( $nonce ) ) {65 $nonce = (string) Helper::get_post_body_data_value( '_wpnonce', 'sanitize_text_field', '' );66 }67 if ( empty( $nonce ) ) {68 $nonce = (string) Helper::get_post_body_data_value( 'adscale_nonce', 'sanitize_text_field', '' );69 }70 if ( empty( $nonce ) || ! wp_verify_nonce( $nonce, 'adscale_order' ) ) {71 Helper::send_response_formatted_error(72 self::makeErrorBody( 'N001', __( 'Invalid request', 'adscale-ai' ), 'Nonce verification failed' )73 );74 }75 57 self::initParams(); 76 58 … … 112 94 * Handle API request 113 95 * 96 * @throws PluginApiException 114 97 */ 115 98 public static function handleRequest() { … … 168 151 * 169 152 * @return array 153 * @throws PluginApiException 170 154 */ 171 155 public static function getOrderData( $order ) { … … 327 311 * 328 312 * @return array 313 * @throws PluginApiException 329 314 */ 330 315 public static function getOrderItemData( $order_item ) {
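Review bot: After this change `checkRequest()` no longer verifies a nonce: the whole `_wpnonce` / `adscale_nonce` block ending in `wp_verify_nonce( $nonce, 'adscale_order' )` is removed, and what remains in view appears to be only `parent::checkRequest()` and `self::initParams()`. The parent's body is not shown here and the rest of `checkRequest()` lies outside the displayed lines, so please confirm that the parent check authenticates the caller on its own and does not depend on a logged-in browser session, where the nonce was the CSRF defence for an endpoint that returns order data (`getOrderData()`, `getOrderItemData()`). Once confirmed, I would record it at the call, e.g. `// Caller is authenticated in parent::checkRequest(); no WP nonce is checked here.` The gutter numbers around line 55 do not make clear whether the `// nosemgrep: scanner.php.wp.security.csrf.nonce-check-not-dying` line was removed or kept; if it is kept, it suppresses a finding for a check that no longer exists and should be dropped.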