From 5c93938b5331d571768fd975788a7b322c44448d Mon Sep 17 00:00:00 2001 From: asus Date: Sun, 24 Mar 2024 11:12:11 +0100 Subject: [PATCH] wip nonce works now --- plugins/fbpatch/html/menu.html | 4 ++-- plugins/fbpatch/menu/menu_content.php | 7 ++----- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/plugins/fbpatch/html/menu.html b/plugins/fbpatch/html/menu.html index 5edc181..350098e 100644 --- a/plugins/fbpatch/html/menu.html +++ b/plugins/fbpatch/html/menu.html @@ -1,7 +1,7 @@ +
- - +
diff --git a/plugins/fbpatch/menu/menu_content.php b/plugins/fbpatch/menu/menu_content.php index a8142d6..f84db73 100644 --- a/plugins/fbpatch/menu/menu_content.php +++ b/plugins/fbpatch/menu/menu_content.php @@ -29,20 +29,17 @@ function plugin_content() { function choose_patches() { - error_log("_POST: " . json_encode($_POST)); $nonce = Fbpatch::NONCE; if (!isset($_POST[$nonce['_name']])) { - error_log("_POST[{$nonce['_name']}] is not set"); \FBPATCH\redirect_menu($_POST); return; } - if (!wp_verify_nonce($nonce['_name'], $nonce['_action'])) { - error_log("is logged in: " . json_encode(is_user_logged_in())); - error_log("verify nonce false"); + if (!wp_verify_nonce($_POST[$nonce['_name']], $nonce['_action'])) { \FBPATCH\redirect_menu($_POST); return; } error_log("is logged in: " . json_encode(is_user_logged_in())); + \FBPATCH\redirect_menu($_POST); } add_action('admin_post_add_patches', __NAMESPACE__.'\choose_patches');