PluginProbe ʕ •ᴥ•ʔ
Check & Log Email – Easy Email Testing & Mail logging / 1.0.13
Check & Log Email – Easy Email Testing & Mail logging v1.0.13
1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 2.0 2.0.1 2.0.10 2.0.11 2.0.12 2.0.13 2.0.13.1 2.0.13.2 2.0.14 2.0.2 2.0.3 2.0.4 2.0.5 2.0.5.1 2.0.6 2.0.7 2.0.8 2.0.9 trunk 0.5.7 0.6.0 0.6.1 0.6.2 1.0.0 1.0.1 1.0.10 1.0.11 1.0.12 1.0.12.1 1.0.13 1.0.13.1 1.0.2 1.0.3
check-email / include / Core / Request / Check_Email_Nonce_Checker.php
check-email / include / Core / Request Last commit date
Check_Email_Log_List_Action.php 2 years ago Check_Email_Nonce_Checker.php 2 years ago Check_Email_Override_PluginAPI.php 2 years ago
Check_Email_Nonce_Checker.php
72 lines
1 <?php namespace CheckEmail\Core\Request;
2
3 use CheckEmail\Core\Loadie;
4 use CheckEmail\Core\UI\Page\Check_Email_Log_List_Page;
5
6 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
7
8 /**
9 * Check nonce for all Check Email Log requests.
10 */
11 class Check_Email_Nonce_Checker implements Loadie {
12
13 public function load() {
14 add_action( 'admin_init', array( $this, 'check_nonce' ) );
15 }
16
17 public function check_nonce() {
18 if ( ! current_user_can('manage_options') ) {
19 return false;
20 }
21 if ( ! isset( $_POST['check-email-action'] ) && ! isset( $_REQUEST['action'] ) && ! isset( $_REQUEST['action2'] ) ) {
22 return;
23 }
24
25 if ( isset( $_POST['check-email-action'] ) ) {
26 $action = sanitize_text_field( wp_unslash( $_POST['check-email-action'] ) );
27
28 // $action is sanitize on line 23
29 // phpcs:ignore
30 if ( ! isset( $_POST[ $action . '_nonce' ] ) ) {
31 return;
32 }
33
34 // $action is sanitize on line 23
35 // phpcs:ignore
36 if ( ! wp_verify_nonce( $_POST[ $action . '_nonce' ], $action ) ) {
37 return;
38 }
39 }
40
41 if ( isset( $_REQUEST['action'] ) || isset( $_REQUEST['action2'] ) ) {
42 $action = sanitize_text_field( wp_unslash($_REQUEST['action']) );
43
44 if ( '-1' === $action ) {
45 if ( ! isset( $_REQUEST['action2'] ) ) {
46 return;
47 }
48
49 $action = sanitize_text_field( wp_unslash($_REQUEST['action2']) );
50 }
51
52 // $action is sanitize on line 39 or 46
53 // phpcs:ignore
54 if ( strpos( $action, 'check-email-log-list-' ) !== 0 ) {
55 return;
56 }
57
58 if ( ! isset( $_REQUEST[ Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE_FIELD ] ) ) {
59 return;
60 }
61
62 // phpcs:ignore
63 if ( ! wp_verify_nonce( $_REQUEST[ Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE_FIELD ], Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE ) ) {
64 return;
65 }
66 }
67
68 do_action( 'check_email_action', $action, $_REQUEST );
69 do_action( $action, $_REQUEST );
70 }
71 }
72