WordPoints /
wordpoints
@@ -20,7 +20,8 @@ |
||
| 20 | 20 | } |
| 21 | 21 | |
| 22 | 22 | // If we're not running a module check, let the maintenance message show. |
| 23 | -if ( ! isset( $_GET['wordpoints_module_check'], $_GET['check_module'] ) ) { // WPCS: CSRF OK. |
|
| 23 | +if ( ! isset( $_GET['wordpoints_module_check'], $_GET['check_module'] ) ) { |
|
| 24 | +// WPCS: CSRF OK. |
|
| 24 | 25 | return; |
| 25 | 26 | } |
| 26 | 27 | |
@@ -88,7 +88,8 @@ discard block |
||
| 88 | 88 | */ |
| 89 | 89 | function wordpoints_maintenance_shutdown_print_rand_str() { |
| 90 | 90 | |
| 91 | - if ( ! isset( $_GET['wordpoints_module_check'] ) ) { // WPCS: CSRF OK. |
|
| 91 | + if ( ! isset( $_GET['wordpoints_module_check'] ) ) { |
|
| 92 | +// WPCS: CSRF OK. |
|
| 92 | 93 | return; |
| 93 | 94 | } |
| 94 | 95 | |
@@ -98,7 +99,8 @@ discard block |
||
| 98 | 99 | $nonce = get_option( 'wordpoints_module_check_nonce' ); |
| 99 | 100 | } |
| 100 | 101 | |
| 101 | - if ( ! $nonce || ! hash_equals( $nonce, sanitize_key( $_GET['wordpoints_module_check'] ) ) ) { // WPCS: CSRF OK. |
|
| 102 | + if ( ! $nonce || ! hash_equals( $nonce, sanitize_key( $_GET['wordpoints_module_check'] ) ) ) { |
|
| 103 | +// WPCS: CSRF OK. |
|
| 102 | 104 | return; |
| 103 | 105 | } |
| 104 | 106 | |
@@ -128,7 +130,8 @@ discard block |
||
| 128 | 130 | */ |
| 129 | 131 | function wordpoints_maintenance_filter_modules( $modules ) { |
| 130 | 132 | |
| 131 | - if ( ! isset( $_GET['check_module'], $_GET['wordpoints_module_check'] ) ) { // WPCS: CSRF OK. |
|
| 133 | + if ( ! isset( $_GET['check_module'], $_GET['wordpoints_module_check'] ) ) { |
|
| 134 | +// WPCS: CSRF OK. |
|
| 132 | 135 | return $modules; |
| 133 | 136 | } |
| 134 | 137 | |
@@ -138,7 +141,8 @@ discard block |
||
| 138 | 141 | $nonce = get_option( 'wordpoints_module_check_nonce' ); |
| 139 | 142 | } |
| 140 | 143 | |
| 141 | - if ( ! $nonce || ! hash_equals( $nonce, sanitize_key( $_GET['wordpoints_module_check'] ) ) ) { // WPCS: CSRF OK. |
|
| 144 | + if ( ! $nonce || ! hash_equals( $nonce, sanitize_key( $_GET['wordpoints_module_check'] ) ) ) { |
|
| 145 | +// WPCS: CSRF OK. |
|
| 142 | 146 | return $modules; |
| 143 | 147 | } |
| 144 | 148 | |
@@ -334,7 +334,8 @@ discard block |
||
| 334 | 334 | */ |
| 335 | 335 | protected function get_reaction_store() { |
| 336 | 336 | |
| 337 | - if ( ! isset( $_POST['reaction_store'] ) ) { // WPCS: CSRF OK. |
|
| 337 | + if ( ! isset( $_POST['reaction_store'] ) ) { |
|
| 338 | +// WPCS: CSRF OK. |
|
| 338 | 339 | $this->unexpected_error( 'reaction_store' ); |
| 339 | 340 | } |
| 340 | 341 | |
@@ -361,7 +362,8 @@ discard block |
||
| 361 | 362 | */ |
| 362 | 363 | protected function get_reaction() { |
| 363 | 364 | |
| 364 | - if ( ! isset( $_POST['id'] ) ) { // WPCS: CSRF OK. |
|
| 365 | + if ( ! isset( $_POST['id'] ) ) { |
|
| 366 | +// WPCS: CSRF OK. |
|
| 365 | 367 | $this->unexpected_error( 'id' ); |
| 366 | 368 | } |
| 367 | 369 | |
@@ -11,9 +11,11 @@ |
||
| 11 | 11 | |
| 12 | 12 | if ( isset( $_POST['clear-recent-list'] ) ) { |
| 13 | 13 | $action = 'clear-recent-list'; |
| 14 | -} elseif ( isset( $_REQUEST['action'] ) && -1 !== (int) $_REQUEST['action'] ) { // WPCS: CSRF OK. |
|
| 14 | +} elseif ( isset( $_REQUEST['action'] ) && -1 !== (int) $_REQUEST['action'] ) { |
|
| 15 | +// WPCS: CSRF OK. |
|
| 15 | 16 | $action = sanitize_key( $_REQUEST['action'] ); |
| 16 | -} elseif ( isset( $_REQUEST['action2'] ) && -1 !== (int) $_REQUEST['action2'] ) { // WPCS: CSRF OK. |
|
| 17 | +} elseif ( isset( $_REQUEST['action2'] ) && -1 !== (int) $_REQUEST['action2'] ) { |
|
| 18 | +// WPCS: CSRF OK. |
|
| 17 | 19 | $action = sanitize_key( $_REQUEST['action2'] ); |
| 18 | 20 | } else { |
| 19 | 21 | $action = ''; |
@@ -17,7 +17,8 @@ |
||
| 17 | 17 | // Show messages and errors. |
| 18 | 18 | // |
| 19 | 19 | |
| 20 | -if ( isset( $_GET['wordpoints_component'], $_GET['_wpnonce'] ) && $wordpoints_components->is_registered( sanitize_key( $_GET['wordpoints_component'] ) ) ) { // WPCS: CSRF OK. |
|
| 20 | +if ( isset( $_GET['wordpoints_component'], $_GET['_wpnonce'] ) && $wordpoints_components->is_registered( sanitize_key( $_GET['wordpoints_component'] ) ) ) { |
|
| 21 | +// WPCS: CSRF OK. |
|
| 21 | 22 | |
| 22 | 23 | $component = sanitize_key( $_GET['wordpoints_component'] ); |
| 23 | 24 | |
@@ -143,7 +143,8 @@ discard block |
||
| 143 | 143 | */ |
| 144 | 144 | function wordpoints_points_admin_screen_hooks() { |
| 145 | 145 | |
| 146 | - if ( isset( $_GET['edithook'] ) || isset( $_POST['savehook'] ) || isset( $_POST['removehook'] ) ) { // WPCS: CSRF OK. |
|
| 146 | + if ( isset( $_GET['edithook'] ) || isset( $_POST['savehook'] ) || isset( $_POST['removehook'] ) ) { |
|
| 147 | +// WPCS: CSRF OK. |
|
| 147 | 148 | |
| 148 | 149 | // - We're doing this without AJAX (JS). |
| 149 | 150 | |
@@ -206,7 +207,8 @@ discard block |
||
| 206 | 207 | */ |
| 207 | 208 | function wordpoints_no_js_points_hooks_save() { |
| 208 | 209 | |
| 209 | - if ( ! isset( $_POST['savehook'] ) && ! isset( $_POST['removehook'] ) ) { // WPCS: CSRF OK. |
|
| 210 | + if ( ! isset( $_POST['savehook'] ) && ! isset( $_POST['removehook'] ) ) { |
|
| 211 | +// WPCS: CSRF OK. |
|
| 210 | 212 | return; |
| 211 | 213 | } |
| 212 | 214 | |
@@ -290,9 +292,12 @@ discard block |
||
| 290 | 292 | |
| 291 | 293 | <?php if ( $has_form ) : ?> |
| 292 | 294 | <hr /> |
| 293 | - <?php else : ?> |
|
| 295 | + <?php else { |
|
| 296 | + : ?> |
|
| 294 | 297 | <br /> |
| 295 | - <?php endif; ?> |
|
| 298 | + <?php endif; |
|
| 299 | +} |
|
| 300 | +?> |
|
| 296 | 301 | |
| 297 | 302 | <div class="hook-instance-description"> |
| 298 | 303 | <label for="<?php $hook->the_field_id( '_description' ); ?>"><?php echo esc_html_x( 'Description (optional):', 'points hook', 'wordpoints' ); ?></label> |
@@ -43,7 +43,8 @@ discard block |
||
| 43 | 43 | return; |
| 44 | 44 | } |
| 45 | 45 | |
| 46 | - if ( isset( $_GET['message'] ) && isset( $messages[ (int) $_GET['message'] ] ) ) { // WPCS: CSRF OK. |
|
| 46 | + if ( isset( $_GET['message'] ) && isset( $messages[ (int) $_GET['message'] ] ) ) { |
|
| 47 | +// WPCS: CSRF OK. |
|
| 47 | 48 | |
| 48 | 49 | wordpoints_show_admin_message( |
| 49 | 50 | esc_html( $messages[ (int) $_GET['message'] ] ) // WPCS: CSRF OK. |
@@ -51,7 +52,8 @@ discard block |
||
| 51 | 52 | , array( 'dismissible' => true ) |
| 52 | 53 | ); |
| 53 | 54 | |
| 54 | - } elseif ( isset( $_GET['error'] ) && isset( $errors[ (int) $_GET['error'] ] ) ) { // WPCS: CSRF OK. |
|
| 55 | + } elseif ( isset( $_GET['error'] ) && isset( $errors[ (int) $_GET['error'] ] ) ) { |
|
| 56 | +// WPCS: CSRF OK. |
|
| 55 | 57 | |
| 56 | 58 | wordpoints_show_admin_error( |
| 57 | 59 | esc_html( $errors[ (int) $_GET['error'] ] ) // WPCS: CSRF OK. |
@@ -222,7 +222,8 @@ |
||
| 222 | 222 | |
| 223 | 223 | $search_term = ''; |
| 224 | 224 | |
| 225 | - if ( isset( $_POST['wordpoints_points_logs_search'] ) ) { // WPCS: CSRF OK |
|
| 225 | + if ( isset( $_POST['wordpoints_points_logs_search'] ) ) { |
|
| 226 | +// WPCS: CSRF OK |
|
| 226 | 227 | $search_term = trim( |
| 227 | 228 | sanitize_text_field( |
| 228 | 229 | wp_unslash( $_POST['wordpoints_points_logs_search'] ) // WPCS: CSRF OK |
@@ -245,8 +245,11 @@ discard block |
||
| 245 | 245 | <p> |
| 246 | 246 | <?php if ( $slug ) : ?> |
| 247 | 247 | <?php esc_html_e( 'Changes to this points type’s settings will affect all sites on this network.', 'wordpoints' ); ?> |
| 248 | - <?php else : ?> |
|
| 249 | - <?php esc_html_e( 'The new points type will be global across all sites on this network.', 'wordpoints' ); ?> |
|
| 248 | + <?php else { |
|
| 249 | + : ?> |
|
| 250 | + <?php esc_html_e( 'The new points type will be global across all sites on this network.', 'wordpoints' ); |
|
| 251 | +} |
|
| 252 | +?> |
|
| 250 | 253 | <?php endif; ?> |
| 251 | 254 | </p> |
| 252 | 255 | </div> |
@@ -655,15 +658,18 @@ discard block |
||
| 655 | 658 | return; |
| 656 | 659 | } |
| 657 | 660 | |
| 658 | - if ( isset( $_POST['save-points-type'] ) ) { // WPCS: CSRF OK |
|
| 661 | + if ( isset( $_POST['save-points-type'] ) ) { |
|
| 662 | +// WPCS: CSRF OK |
|
| 659 | 663 | |
| 660 | - if ( ! empty( $_POST['add_new'] ) ) { // WPCS: CSRF OK |
|
| 664 | + if ( ! empty( $_POST['add_new'] ) ) { |
|
| 665 | +// WPCS: CSRF OK |
|
| 661 | 666 | $this->add_points_type(); |
| 662 | 667 | } else { |
| 663 | 668 | $this->update_points_type(); |
| 664 | 669 | } |
| 665 | 670 | |
| 666 | - } elseif ( ! empty( $_POST['delete-points-type'] ) ) { // WPCS: CSRF OK |
|
| 671 | + } elseif ( ! empty( $_POST['delete-points-type'] ) ) { |
|
| 672 | +// WPCS: CSRF OK |
|
| 667 | 673 | |
| 668 | 674 | $this->delete_points_type(); |
| 669 | 675 | } |
@@ -680,19 +686,22 @@ discard block |
||
| 680 | 686 | |
| 681 | 687 | $settings = array(); |
| 682 | 688 | |
| 683 | - if ( isset( $_POST['points-name'] ) ) { // WPCS: CSRF OK |
|
| 689 | + if ( isset( $_POST['points-name'] ) ) { |
|
| 690 | +// WPCS: CSRF OK |
|
| 684 | 691 | $settings['name'] = trim( |
| 685 | 692 | sanitize_text_field( wp_unslash( $_POST['points-name'] ) ) // WPCS: CSRF OK |
| 686 | 693 | ); |
| 687 | 694 | } |
| 688 | 695 | |
| 689 | - if ( isset( $_POST['points-prefix'] ) ) { // WPCS: CSRF OK |
|
| 696 | + if ( isset( $_POST['points-prefix'] ) ) { |
|
| 697 | +// WPCS: CSRF OK |
|
| 690 | 698 | $settings['prefix'] = ltrim( |
| 691 | 699 | sanitize_text_field( wp_unslash( $_POST['points-prefix'] ) ) // WPCS: CSRF OK |
| 692 | 700 | ); |
| 693 | 701 | } |
| 694 | 702 | |
| 695 | - if ( isset( $_POST['points-suffix'] ) ) { // WPCS: CSRF OK |
|
| 703 | + if ( isset( $_POST['points-suffix'] ) ) { |
|
| 704 | +// WPCS: CSRF OK |
|
| 696 | 705 | $settings['suffix'] = rtrim( |
| 697 | 706 | sanitize_text_field( wp_unslash( $_POST['points-suffix'] ) ) // WPCS: CSRF OK |
| 698 | 707 | ); |
