Changeset 2771459

Timestamp:

08/17/2022 07:02:46 AM (4 years ago)

Author:

heiblack

Message:

安全性更新

Location:

hb-security-code-generator/trunk

Files:

• hb-security-code-generator.php (modified) (3 diffs)
• page/hb-hb-verification-code-user.php (modified) (2 diffs)
• page/hb-security-code-generator-list-table.php (modified) (1 diff)
• page/hb-security-code-generator-message-page.php (modified) (1 diff)
• page/hb-security-code-generator-tools-page.php (modified) (1 diff)

hb-security-code-generator/trunk/hb-security-code-generator.php

@@ -4 +4 @@
  * Plugin URI: https://piglet.me/SecurityCode
  * Description: A Security Code Generator
- * Version: 0.1.0
+ * Version: 0.1.1
  * Author: heiblack
  * Author URI: https://piglet.me
@@ -183 +183 @@
                     require_once dirname(__FILE__) . '/page/export_csv_class.php';
                     $export_code = new hb_security_code_generator_security_export_csv_class;
-                    if (class_exists('hb_security_code_generator_security_export_csv_class')) {
+                    if (class_exists('hb_security_code_generator_security_export_csv_class') || !defined('ABSPATH') || current_user_can('administrator')) {
                         $hb_length      = sanitize_text_field($_POST['hb_length']);
                         $hb_quantity    = sanitize_text_field($_POST['hb_quantity']);
@@ -225 +225 @@
                         $export_code->export_csv_init($code_data,$hb_name);
                         die();
+                    }else{
+                        http_response_code(404);
+                        die();
                     }
                 }

hb-security-code-generator/trunk/page/hb-hb-verification-code-user.php

@@ -114 +114 @@
     <canvas id="mycanvas" width='150' height='40' ></canvas>
     <br>
+    <?php wp_nonce_field( '_hb-security-code-generator');?>
     <input type="submit" >
 </form>
-<?php else:?>
+<?php elseif(@$_POST['SecurityCode'] && wp_verify_nonce( $_POST['_wpnonce'], '_hb-security-code-generator')): ?>
     <h2><?php esc_html_e('Search Result', 'hb-security-code-generator'); ?></h2>
     <div style="text-align: center">
@@ -141 +142 @@
         </div>
     </div>
+<?php else: ?>
+    <?php esc_html_e('Error', 'hb-security-code-generator'); ?>
 <?php endif?>
 

hb-security-code-generator/trunk/page/hb-security-code-generator-list-table.php

@@ -68 +68 @@
     public function prepare_items()
     {
+
+        if (!defined('ABSPATH') || !current_user_can('administrator')) {
+            http_response_code(404);
+            die();
+        }
+
+
         $per_page               = 30;
         $columns                = $this->get_columns();

hb-security-code-generator/trunk/page/hb-security-code-generator-message-page.php

@@ -1 +1 @@
 <?php
+if (!defined('ABSPATH') || !current_user_can('administrator')) {
+    http_response_code(404);
+    die();
+}
 
 global  $wpdb;

hb-security-code-generator/trunk/page/hb-security-code-generator-tools-page.php

@@ -1 +1 @@
 <?php
+if (!defined('ABSPATH') || !current_user_can('administrator')) {
+    http_response_code(404);
+    die();
+}
+
 $Settingurl   = wp_nonce_url('?page=HBSecurityCode&Setting=true','HB-Security-Code-Generator-setting');
 ?>