nonce verification
This commit is contained in:
parent
8b92e9d47e
commit
aed033c03e
1 changed files with 4 additions and 0 deletions
|
@ -165,12 +165,16 @@ class Admin {
|
||||||
<th><label for="activitypub-user-description"><?php \esc_html_e( 'Fediverse Biography', 'activitypub' ); ?></label></th>
|
<th><label for="activitypub-user-description"><?php \esc_html_e( 'Fediverse Biography', 'activitypub' ); ?></label></th>
|
||||||
<td><textarea name="activitypub-user-description" id="activitypub-user-description" rows="5" cols="30"><?php echo \esc_html( $ap_description ); ?></textarea>
|
<td><textarea name="activitypub-user-description" id="activitypub-user-description" rows="5" cols="30"><?php echo \esc_html( $ap_description ); ?></textarea>
|
||||||
<p><?php \esc_html_e( 'If you wish to use different biographical info for the fediverse, enter your alternate bio here.', 'activitypub' ); ?></p></td>
|
<p><?php \esc_html_e( 'If you wish to use different biographical info for the fediverse, enter your alternate bio here.', 'activitypub' ); ?></p></td>
|
||||||
|
<?php wp_nonce_field( 'activitypub-user-description', '_apnonce' ); ?>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function save_user_description( $user_id ) {
|
public static function save_user_description( $user_id ) {
|
||||||
|
if ( ! wp_verify_nonce( $_REQUEST['_apnonce'], 'activitypub-user-description' ) ) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
if ( ! current_user_can( 'edit_user', $user_id ) ) {
|
if ( ! current_user_can( 'edit_user', $user_id ) ) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue