tec3/five-for-the-future
tec3/five-for-the-future
1
0
Fork 0
mirror of https://github.com/WordPress/five-for-the-future.git synced 2025-04-20 10:03:43 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Append ID to nonce action to make it more unique

Browse source
This commit is contained in:
Caleb Burks 2019-11-06 01:09:01 -06:00
parent 6f67ee1b38
commit b4d6553884
2 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
plugins/wporg-5ftf/includes/contributor.php
View file

@ -322,19 +322,19 @@ function process_my_pledges_form() {
$message = '';
$status = false;
if ( filter_input( INPUT_POST, 'join_organization' ) ) {
wp_verify_nonce( $nonce, 'join_decline_organization' ) || wp_nonce_ays( 'join_decline_organization' );
wp_verify_nonce( $nonce, 'join_decline_organization_' . $contributor_post_id ) || wp_nonce_ays( 'join_decline_organization' );
$status = 'publish';
$message = "You have joined the pledge from {$pledge->post_title}.";
} elseif ( filter_input( INPUT_POST, 'decline_invitation' ) ) {
wp_verify_nonce( $nonce, 'join_decline_organization' ) || wp_nonce_ays( 'join_decline_organization' );
wp_verify_nonce( $nonce, 'join_decline_organization_' . $contributor_post_id ) || wp_nonce_ays( 'join_decline_organization' );
$status = 'trash';
$message = "You have declined the pledge invitation from {$pledge->post_title}.";
} elseif ( filter_input( INPUT_POST, 'leave_organization' ) ) {
wp_verify_nonce( $nonce, 'leave_organization' ) || wp_nonce_ays( 'leave_organization' );
wp_verify_nonce( $nonce, 'leave_organization_' . $contributor_post_id ) || wp_nonce_ays( 'leave_organization' );
$status = 'trash';
$message = "You have left the {$pledge->post_title} pledge.";

4
plugins/wporg-5ftf/views/single-my-pledge.php
View file

@ -44,7 +44,7 @@ namespace WordPressDotOrg\FiveForTheFuture\View;
<input type="hidden" name="contributor_post_id" value="<?php echo esc_attr( $contributor_post->ID ); ?>" />
<?php if ( 'pending' === $contributor_post->post_status ) : ?>
<?php wp_nonce_field( 'join_decline_organization' ); ?>
<?php wp_nonce_field( 'join_decline_organization_' . $contributor_post->ID ); ?>
<input
type="submit"
@ -61,7 +61,7 @@ namespace WordPressDotOrg\FiveForTheFuture\View;
/>
<?php elseif ( 'publish' === $contributor_post->post_status ) : ?>
<?php wp_nonce_field( 'leave_organization' ); ?>
<?php wp_nonce_field( 'leave_organization_' . $contributor_post->ID ); ?>
<input
type="submit"