Prevent direct access from outside WordPress #60

Merged
lemsmyth merged 19 commits from prevent-direct-access-from-outside-WordPress into master 2022-02-14 02:34:20 +01:00
2 changed files with 31 additions and 22 deletions
Showing only changes of commit 233856b67d - Show all commits

View file

@ -117,7 +117,7 @@ class LBRY_Admin
add_settings_field( add_settings_field(
LBRY_LBC_PUBLISH, LBRY_LBC_PUBLISH,
'LBC Per Publish', 'LBC Per Publish',
array( $this, 'lbc_publish_callback' ), array( $this, 'lbc_per_publish_callback' ),
LBRY_ADMIN_PAGE, LBRY_ADMIN_PAGE,
LBRY_SETTINGS_SECTION_GENERAL LBRY_SETTINGS_SECTION_GENERAL
); );
@ -354,13 +354,14 @@ class LBRY_Admin
/** /**
* Prints LBC per publish input * Prints LBC per publish input
*/ */
public function lbc_publish_callback() public function lbc_per_publish_callback()
{ {
printf( printf(
'<input type="number" id="%1$s" name="%2$s[%1$s]" value="%3$s" min="0.01" step="0.01"/>', '<input type="number" id="' . esc_attr('%1$s') . '" name="' . esc_attr('%2$s[%1$s]') . '" value="' . esc_attr('%3$.3f') . '" min="0.001" step="0.001"><p>Current minimum bid <img src="' . esc_attr('%4$s ') . '" class="icon icon-lbc bid-icon-lbc"> 0.001</p>',
LBRY_LBC_PUBLISH, LBRY_LBC_PUBLISH,
LBRY_SETTINGS, LBRY_SETTINGS,
$this->options[LBRY_LBC_PUBLISH] $this->options[LBRY_LBC_PUBLISH],
plugin_dir_url( LBRY_PLUGIN_FILE ) . 'admin/images/lbc.png'
); );
} }

View file

@ -37,7 +37,7 @@ class LBRY_Network
add_action( 'add_meta_boxes', array( $this, 'lbry_meta_boxes' ) ); add_action( 'add_meta_boxes', array( $this, 'lbry_meta_boxes' ) );
// Save the post meta on 'save_post' hook // Save the post meta on 'save_post' hook
add_action('wp_insert_post', array($this, 'save_post_meta'), 11, 2); add_action( 'wp_insert_post', array( $this, 'save_post_meta' ), 11, 2 );
} }
/** /**
@ -64,20 +64,26 @@ class LBRY_Network
*/ */
public function save_post_meta( $post_id, $post ) public function save_post_meta( $post_id, $post )
{ {
if ($post->post_type != 'post') { if ( $post->post_type != 'post' ) {
return; return $post_id;
}
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
return $post_id;
} }
// Verify the nonce before proceeding. // Verify the nonce before proceeding.
if (!isset($_POST['_lbrynonce']) || !wp_verify_nonce($_POST['_lbrynonce'], 'lbry_publish_channels')) { if ( ! isset( $_POST['_lbrynonce'] ) || ! wp_verify_nonce( $_POST['_lbrynonce'], 'lbry_publish_post_nonce' ) ) {
//LBRY()->notice->set_notice('error', 'Security check failed' );
return $post_id; return $post_id;
} }
$post_type = get_post_type_object( $post->post_type );
// Check if the current user has permission to edit the post. if ( ! current_user_can( $post_type->cap->edit_post, $post_id ) ) {
$post_type = get_post_type_object($post->post_type);
if (!current_user_can($post_type->cap->edit_post, $post_id)) {
return $post_id; return $post_id;
} }
if ( ( $_POST[LBRY_WILL_PUBLISH] ) && $_POST[LBRY_WILL_PUBLISH] != get_post_meta( $post_id, LBRY_WILL_PUBLISH, true ) ) {
update_post_meta( $post_id, LBRY_WILL_PUBLISH, $_POST[LBRY_WILL_PUBLISH] );
} elseif ( ! isset( $_POST[LBRY_WILL_PUBLISH] ) ) {
update_post_meta( $post_id, LBRY_WILL_PUBLISH, 0 );
}
$channel = $_POST[LBRY_POST_PUB_CHANNEL]; $channel = $_POST[LBRY_POST_PUB_CHANNEL];
$cur_channel = ( get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) ? get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) : get_post_meta( $post_id, '_lbry_channel', true ) ); $cur_channel = ( get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) ? get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) : get_post_meta( $post_id, '_lbry_channel', true ) );
@ -86,18 +92,20 @@ class LBRY_Network
$will_publish = $_POST[LBRY_WILL_PUBLISH]; $will_publish = $_POST[LBRY_WILL_PUBLISH];
// Update meta acordingly // Update meta acordingly
if (!$will_publish) {
update_post_meta($post_id, LBRY_WILL_PUBLISH, 'false'); if ( $channel !== $cur_channel ) {
} else { update_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, $channel );
update_post_meta($post_id, LBRY_WILL_PUBLISH, 'true'); delete_post_meta( $post_id, '_lbry_channel'); // remove the _lbry_channel if already set from the post and replaces with _lbry_post_pub_channel to avoid confusion
} elseif ( $channel === $cur_channel && ( $cur_channel === get_post_meta( $post_id, '_lbry_channel', true ) ) ) {
update_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, $channel );
delete_post_meta( $post_id, '_lbry_channel'); // remove the _lbry_channel if already set from the post and replaces with _lbry_post_pub_channel to avoid confusion
} }
if ($new_channel !== $cur_channel) { if ( $license !== $cur_license ) {
update_post_meta($post_id, LBRY_POST_CHANNEL, $new_channel); update_post_meta( $post_id, LBRY_POST_PUB_LICENSE, $license );
} }
if ( ( $will_publish ) && ( $will_publish == 1 ) && $post->post_status == 'publish') {
if ($will_publish && $post->post_status == 'publish') {
// Publish the post on the LBRY Network // Publish the post on the LBRY Network
$this->publisher->publish($post, get_post_meta($post_id, LBRY_POST_CHANNEL, true)); $this->publisher->publish( $post, $channel, $license );
} }
} }