@@ 781-783 (lines=3) @@ | ||
778 | ||
779 | check_ajax_referer( 'grant-access', 'security' ); |
|
780 | ||
781 | if ( ! current_user_can( 'edit_shop_orders' ) || ! isset( $_POST['loop'], $_POST['order_id'], $_POST['product_ids'] ) ) { |
|
782 | wp_die( -1 ); |
|
783 | } |
|
784 | ||
785 | global $wpdb; |
|
786 | ||
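Review bot: The guard on line 781 authorises against the type-wide `edit_shop_orders` capability only, so the `order_id` read from `$_POST` is never checked against the caller's rights to that particular order. If a role holds `edit_shop_orders` but is meant to work on only some orders (an assumption; role setup is not visible here), an object-level check is needed, for example `if ( ! current_user_can( 'edit_post', absint( $_POST['order_id'] ) ) ) { wp_die( -1 ); }` or the equivalent for the store's order storage. The same applies to `post_id` in `add_order_note()` at line 1455. The enclosing function starts and ends outside this hunk, so a later check may already exist and should be confirmed.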
@@ 1451-1453 (lines=3) @@ | ||
1448 | public static function add_order_note() { |
|
1449 | check_ajax_referer( 'add-order-note', 'security' ); |
|
1450 | ||
1451 | if ( ! current_user_can( 'edit_shop_orders' ) || ! isset( $_POST['post_id'], $_POST['note'], $_POST['note_type'] ) ) { |
|
1452 | wp_die( -1 ); |
|
1453 | } |
|
1454 | ||
1455 | $post_id = absint( $_POST['post_id'] ); |
|
1456 | $note = wp_kses_post( trim( wp_unslash( $_POST['note'] ) ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized |
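Review bot: `isset()` on line 1451 confirms that the three keys are present but not that they are strings, and line 1456 passes `wp_unslash( $_POST['note'] )` straight to `trim()`. If the request supplies `note` as an array, `wp_unslash()` returns an array and `trim()` raises a TypeError on PHP 8 instead of taking the clean `wp_die( -1 )` path. Appending `|| ! is_string( $_POST['note'] )` to the guard condition keeps malformed requests on the existing rejection branch. The rest of `add_order_note()` lies outside the hunk, so `note_type` handling could not be checked here.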