tec3/five-for-the-future
tec3/five-for-the-future
1
0
Fork 0
mirror of https://github.com/WordPress/five-for-the-future.git synced 2025-04-18 17:33:43 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

My Pledges: Ensure the submitted contributor_post_id is valid.

Browse source 
See #87
This commit is contained in:
Caleb Burks 2019-11-06 00:45:38 -06:00 committed by Ian Dunn
parent c47679a5cc
commit 8230963ea4
No known key found for this signature in database
GPG key ID: 99B971B50343CBCB
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
plugins/wporg-5ftf/includes/contributor.php
View file

@ -309,13 +309,18 @@ function process_my_pledges_form() {
$contributor_post_id = filter_input( INPUT_POST, 'contributor_post_id', FILTER_VALIDATE_INT );
$nonce = filter_input( INPUT_POST, '_wpnonce', FILTER_SANITIZE_STRING );
if ( empty( $contributor_post_id ) || empty( $nonce ) ) {
return '';
return ''; // Return early, the form wasn't submitted.
}
$contributor_post = get_post( $contributor_post_id );
if ( isset( $contributor_post->post_type ) && $contributor_post->post_type === CPT_ID ) {
$pledge = get_post( $contributor_post->post_parent );
} else {
return ''; // Return early, the form was submitted incorrectly.
}
$message = '';
$status = false;
$pledge = get_post( get_post( $contributor_post_id )->post_parent );
if ( filter_input( INPUT_POST, 'join_organization' ) ) {
wp_verify_nonce( $nonce, 'join_decline_organization' ) || wp_nonce_ays( 'join_decline_organization' );