Prevent direct access from outside WordPress #60

Merged
lemsmyth merged 19 commits from prevent-direct-access-from-outside-WordPress into master 2022-02-14 02:34:20 +01:00
2 changed files with 31 additions and 22 deletions
Showing only changes of commit 233856b67d - Show all commits

View file

@ -117,7 +117,7 @@ class LBRY_Admin
add_settings_field(
LBRY_LBC_PUBLISH,
'LBC Per Publish',
array( $this, 'lbc_publish_callback' ),
array( $this, 'lbc_per_publish_callback' ),
LBRY_ADMIN_PAGE,
LBRY_SETTINGS_SECTION_GENERAL
);
@ -354,13 +354,14 @@ class LBRY_Admin
/**
* Prints LBC per publish input
*/
public function lbc_publish_callback()
public function lbc_per_publish_callback()
{
printf(
'<input type="number" id="%1$s" name="%2$s[%1$s]" value="%3$s" min="0.01" step="0.01"/>',
'<input type="number" id="' . esc_attr('%1$s') . '" name="' . esc_attr('%2$s[%1$s]') . '" value="' . esc_attr('%3$.3f') . '" min="0.001" step="0.001"><p>Current minimum bid <img src="' . esc_attr('%4$s ') . '" class="icon icon-lbc bid-icon-lbc"> 0.001</p>',
LBRY_LBC_PUBLISH,
LBRY_SETTINGS,
$this->options[LBRY_LBC_PUBLISH]
$this->options[LBRY_LBC_PUBLISH],
plugin_dir_url( LBRY_PLUGIN_FILE ) . 'admin/images/lbc.png'
);
}

View file

@ -65,19 +65,25 @@ class LBRY_Network
public function save_post_meta( $post_id, $post )
{
if ( $post->post_type != 'post' ) {
return;
}
// Verify the nonce before proceeding.
if (!isset($_POST['_lbrynonce']) || !wp_verify_nonce($_POST['_lbrynonce'], 'lbry_publish_channels')) {
return $post_id;
}
// Check if the current user has permission to edit the post.
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
return $post_id;
}
// Verify the nonce before proceeding.
if ( ! isset( $_POST['_lbrynonce'] ) || ! wp_verify_nonce( $_POST['_lbrynonce'], 'lbry_publish_post_nonce' ) ) {
//LBRY()->notice->set_notice('error', 'Security check failed' );
return $post_id;
}
$post_type = get_post_type_object( $post->post_type );
if ( ! current_user_can( $post_type->cap->edit_post, $post_id ) ) {
return $post_id;
}
if ( ( $_POST[LBRY_WILL_PUBLISH] ) && $_POST[LBRY_WILL_PUBLISH] != get_post_meta( $post_id, LBRY_WILL_PUBLISH, true ) ) {
update_post_meta( $post_id, LBRY_WILL_PUBLISH, $_POST[LBRY_WILL_PUBLISH] );
} elseif ( ! isset( $_POST[LBRY_WILL_PUBLISH] ) ) {
update_post_meta( $post_id, LBRY_WILL_PUBLISH, 0 );
}
$channel = $_POST[LBRY_POST_PUB_CHANNEL];
$cur_channel = ( get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) ? get_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, true ) : get_post_meta( $post_id, '_lbry_channel', true ) );
@ -86,18 +92,20 @@ class LBRY_Network
$will_publish = $_POST[LBRY_WILL_PUBLISH];
// Update meta acordingly
if (!$will_publish) {
update_post_meta($post_id, LBRY_WILL_PUBLISH, 'false');
} else {
update_post_meta($post_id, LBRY_WILL_PUBLISH, 'true');
}
if ($new_channel !== $cur_channel) {
update_post_meta($post_id, LBRY_POST_CHANNEL, $new_channel);
}
if ($will_publish && $post->post_status == 'publish') {
if ( $channel !== $cur_channel ) {
update_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, $channel );
delete_post_meta( $post_id, '_lbry_channel'); // remove the _lbry_channel if already set from the post and replaces with _lbry_post_pub_channel to avoid confusion
} elseif ( $channel === $cur_channel && ( $cur_channel === get_post_meta( $post_id, '_lbry_channel', true ) ) ) {
update_post_meta( $post_id, LBRY_POST_PUB_CHANNEL, $channel );
delete_post_meta( $post_id, '_lbry_channel'); // remove the _lbry_channel if already set from the post and replaces with _lbry_post_pub_channel to avoid confusion
}
if ( $license !== $cur_license ) {
update_post_meta( $post_id, LBRY_POST_PUB_LICENSE, $license );
}
if ( ( $will_publish ) && ( $will_publish == 1 ) && $post->post_status == 'publish') {
// Publish the post on the LBRY Network
$this->publisher->publish($post, get_post_meta($post_id, LBRY_POST_CHANNEL, true));
$this->publisher->publish( $post, $channel, $license );
}
}