- changed clear PHP filter_input to sanitaizing functions;

This commit is contained in:
Mykyta Synelnikov
2023-04-24 03:30:56 +03:00
parent c7efb04288
commit 76dba58342
2 changed files with 6 additions and 3 deletions
+2 -2
View File
@@ -339,8 +339,8 @@ if ( ! class_exists( 'um\core\Files' ) ) {
$user_id = empty( $_REQUEST['user_id'] ) ? get_current_user_id() : absint( $_REQUEST['user_id'] );
UM()->fields()->set_id = filter_input( INPUT_POST, 'set_id', FILTER_SANITIZE_NUMBER_INT );
UM()->fields()->set_mode = filter_input( INPUT_POST, 'set_mode', FILTER_SANITIZE_STRING );
UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null;
UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null;
if ( UM()->fields()->set_mode != 'register' && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
$ret['error'] = esc_js( __( 'You have no permission to edit this user', 'ultimate-member' ) );