PluginProbe ʕ •ᴥ•ʔ
Check & Log Email – Easy Email Testing & Mail logging / 2.0.12
Check & Log Email – Easy Email Testing & Mail logging v2.0.12
1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 2.0 2.0.1 2.0.10 2.0.11 2.0.12 2.0.13 2.0.13.1 2.0.13.2 2.0.14 2.0.2 2.0.3 2.0.4 2.0.5 2.0.5.1 2.0.6 2.0.7 2.0.8 2.0.9 trunk 0.5.7 0.6.0 0.6.1 0.6.2 1.0.0 1.0.1 1.0.10 1.0.11 1.0.12 1.0.12.1 1.0.13 1.0.13.1 1.0.2 1.0.3
check-email / include / Core / Request / Check_Email_Nonce_Checker.php
check-email / include / Core / Request Last commit date
Check_Email_Log_List_Action.php 4 months ago Check_Email_Nonce_Checker.php 4 months ago Check_Email_Override_PluginAPI.php 4 months ago
Check_Email_Nonce_Checker.php
83 lines
1 <?php namespace CheckEmail\Core\Request;
2
3 use CheckEmail\Core\Loadie;
4 use CheckEmail\Core\UI\Page\Check_Email_Log_List_Page;
5
6 defined( 'ABSPATH' ) || exit; // Exit if accessed directly.
7
8 /**
9 * Check nonce for all Check Email Log requests.
10 */
11 class Check_Email_Nonce_Checker implements Loadie {
12
13 public function load() {
14 add_action( 'admin_init', array( $this, 'check_nonce' ) );
15 }
16
17 public function check_nonce() {
18 if ( ! current_user_can('manage_options') ) {
19 return false;
20 }
21
22 if ( ! isset( $_POST['check-email-action'] ) && ! isset( $_REQUEST['action'] ) && ! isset( $_REQUEST['action2'] ) ) {
23 return;
24 }
25
26 if ( isset( $_POST['check-email-action'] ) ) {
27 $action = sanitize_text_field( wp_unslash( $_POST['check-email-action'] ) );
28
29 // $action is sanitize on line 23
30 // phpcs:ignore
31 if ( ! isset( $_POST[ $action . '_nonce' ] ) ) {
32 return;
33 }
34
35 // $action is sanitize on line 23
36 // phpcs:ignore
37 if ( ! wp_verify_nonce( $_POST[ $action . '_nonce' ], $action ) ) {
38 return;
39 }
40 }
41
42 if ( isset( $_REQUEST['action'] ) || isset( $_REQUEST['action2'] ) ) {
43 $action = sanitize_text_field( wp_unslash($_REQUEST['action']) );
44
45 if ( '-1' === $action ) {
46 if ( ! isset( $_REQUEST['action2'] ) ) {
47 return;
48 }
49
50 $action = sanitize_text_field( wp_unslash($_REQUEST['action2']) );
51 }
52
53 $is_right_page = false;
54
55 // $action is sanitize on line 39 or 46
56 // phpcs:ignore
57 if ( strpos( $action, 'check-email-log-list-' ) === 0 ) {
58 $is_right_page = true;
59 }
60 if ( strpos( $action, 'check-email-error-tracker-' ) === 0 ) {
61 $is_right_page = true;
62 }
63
64 if (!$is_right_page) {
65 return;
66 }
67
68 if ( ! isset( $_REQUEST[ Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE_FIELD ] ) ) {
69 return;
70 }
71
72 // phpcs:ignore
73 if ( ! wp_verify_nonce( $_REQUEST[ Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE_FIELD ], Check_Email_Log_List_Page::LOG_LIST_ACTION_NONCE ) ) {
74 return;
75 }
76 }
77 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
78 do_action( 'check_email_action', $action, $_REQUEST );
79 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound
80 do_action( $action, $_REQUEST );
81 }
82 }
83