pro/2024_WEBSITE_fipf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wip nonce actually dont work

Browse Source
This commit is contained in:
asus
2024-03-23 23:51:35 +01:00
parent 46885fe10e
commit b05b5f375e
3 changed files with 56 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
plugins/fbpatch/menu/menu_content.php
View File

@@ -16,12 +16,10 @@ if (!defined('ABSPATH')) {
*
*/
function plugin_content() {
$base_rest_route = Fbpatch::URL_BASE_REST_ROUTE;
$fetch_nonce = wp_create_nonce('wp_rest');
$fetch_url = get_site_url() . "/wp-json";
// Fbpatch::get_patchs();
$nonce = Fbpatch::NONCE;
ob_start();
include(plugin_dir_path(__DIR__) . '/html/menu.html');
\FBPATCH\choose_patches();
$html = ob_get_clean();
echo $html;
@@ -31,25 +29,48 @@ function plugin_content() {
function choose_patches() {
$nonce = $_POST['nonce_name'];
if (!wp_verify_nonce($nonce, 'action_name')) {
exit;
error_log("_POST: " . json_encode($_POST));
$nonce = Fbpatch::NONCE;
if (!isset($_POST[$nonce['_name']])) {
error_log("_POST[{$nonce['_name']}] is not set");
\FBPATCH\redirect_menu($_POST);
return;
}
if (!wp_verify_nonce($nonce['_name'], $nonce['_action'])) {
error_log("is logged in: " . json_encode(is_user_logged_in()));
error_log("verify nonce false");
\FBPATCH\redirect_menu($_POST);
return;
}
error_log("is logged in: " . json_encode(is_user_logged_in()));
}
add_action('admin_post_add_patches', __NAMESPACE__.'\choose_patches');
//// handling routes and endpoints
//// diff routes and endpoints : https://stackoverflow.com/q/56075017/9497573
//function admin_menu_routes_endpoints() {
// $base_rest_route = Fbpatch::URL_BASE_REST_ROUTE;
// register_rest_route($base_rest_route, '/choose', array(
// 'methods' => 'POST',
// 'callback' => __NAMESPACE__.'\choose_patches',
// ));
//};
//add_action('rest_api_init', __NAMESPACE__.'\admin_menu_routes_endpoints');
function redirect_menu($post) {
if (!isset($post)) {
wp_redirect(admin_url(), 301);
exit;
}
if (is_null($post)) {
wp_redirect(admin_url(), 301);
exit;
}
if (empty($post)) {
wp_redirect(admin_url(), 301);
exit;
}
if (!isset($post['_wp_http_referer'])) {
wp_redirect(admin_url(), 301);
exit;
}
wp_redirect(home_url($post['_wp_http_referer']), 301);
exit;
}