mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-19 14:43:49 +09:00
- changed clear PHP filter_input to sanitaizing functions;
This commit is contained in:
@@ -339,8 +339,8 @@ if ( ! class_exists( 'um\core\Files' ) ) {
|
||||
|
||||
$user_id = empty( $_REQUEST['user_id'] ) ? get_current_user_id() : absint( $_REQUEST['user_id'] );
|
||||
|
||||
UM()->fields()->set_id = filter_input( INPUT_POST, 'set_id', FILTER_SANITIZE_NUMBER_INT );
|
||||
UM()->fields()->set_mode = filter_input( INPUT_POST, 'set_mode', FILTER_SANITIZE_STRING );
|
||||
UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null;
|
||||
UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null;
|
||||
|
||||
if ( UM()->fields()->set_mode != 'register' && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
||||
$ret['error'] = esc_js( __( 'You have no permission to edit this user', 'ultimate-member' ) );
|
||||
|
||||
Reference in New Issue
Block a user