/** * Handler for ajax request to reset the secret key. * * @return bool|null */ function ajax_reset_api_key() { $this->check_ajax_referer('reset-api-key'); $key_rules = array('action' => 'key', 'nonce' => 'key'); $_POST = WPMDB_Sanitize::sanitize_data($_POST, $key_rules, __METHOD__); if (false === $_POST) { exit; } $this->settings['key'] = $this->generate_key(); update_site_option('wpmdb_settings', $this->settings); $result = $this->end_ajax(sprintf("%s\n%s", site_url('', 'https'), $this->settings['key'])); return $result; }
/** * Sets $this->state_data from $_POST, potentially un-slashed and sanitized. * * @param array $key_rules An optional associative array of expected keys and their sanitization rule(s). * @param string $state_key The key in $_POST that contains the migration state id (defaults to 'migration_state_id'). * @param string $context The method that is specifying the sanitization rules. Defaults to calling method. * * @return array */ function set_post_data($key_rules = array(), $state_key = 'migration_state_id', $context = '') { if (defined('DOING_WPMDB_TESTS') || $this->doing_cli_migration) { $this->state_data = $_POST; } elseif (is_null($this->state_data)) { $this->state_data = WPMDB_Utils::safe_wp_unslash($_POST); } else { return $this->state_data; } // From this point on we're handling data originating from $_POST, so original $key_rules apply. global $wpmdb_key_rules; if (empty($key_rules) && !empty($wpmdb_key_rules)) { $key_rules = $wpmdb_key_rules; } // Sanitize the new state data. if (!empty($key_rules)) { $wpmdb_key_rules = $key_rules; $context = empty($context) ? $this->get_caller_function() : trim($context); $this->state_data = WPMDB_Sanitize::sanitize_data($this->state_data, $key_rules, $context); if (false === $this->state_data) { exit; } } $migration_state_id = null; if (!empty($this->state_data[$state_key])) { $migration_state_id = $this->state_data[$state_key]; } if (true !== $this->get_migration_state($migration_state_id)) { exit; } return $this->state_data; }
/** * Sets $this->state_data from $_POST, potentially un-slashed and sanitized. * * @param array $key_rules An optional associative array of expected keys and their sanitization rule(s). * @param string $state_key The key in $_POST that contains the migration state id (defaults to 'migration_state_id'). * @param string $context The method that is specifying the sanitization rules. Defaults to calling method. */ function set_post_data($key_rules = array(), $state_key = 'migration_state_id', $context = '') { if (defined('DOING_WPMDB_TESTS') || $this->doing_cli_migration) { $this->state_data = $_POST; } elseif (is_null($this->state_data)) { $this->state_data = WPMDB_Utils::safe_wp_unslash($_POST); } else { return; } // Sanitize the new state data. if (!empty($key_rules)) { $context = empty($context) ? $this->get_caller_function() : trim($context); $this->state_data = WPMDB_Sanitize::sanitize_data($this->state_data, $key_rules, $context); if (false === $this->state_data) { exit; } } $migration_state_id = null; if (!empty($this->state_data[$state_key])) { $migration_state_id = $this->state_data[$state_key]; } if (true !== $this->get_migration_state($migration_state_id)) { exit; } }