Esempio n. 1
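 /**
  * Verifies the nonce sent with an AJAX request to prevent processing requests external of the blog.
  *
  * The nonce is read from `$_REQUEST`, so its value and type are chosen by the client. A request
  * parameter can arrive as an array (e.g. `_ajax_nonce[]=x`); such a value is treated as a missing
  * nonce and fails verification.
  *
  * Security notes for callers:
  * - When `$die` is false, a failed check does not stop execution. The caller must test the return
  *   value strictly (`false === check_ajax_referer(...)`) and abort the action itself.
  * - This function only verifies the nonce. It performs no permission check on the current user;
  *   that has to be done separately by the caller.
  * - The default `$action` of -1 is handed to hq_verify_nonce() unchanged. Pass an action specific
  *   to the operation being protected (presumably hq_verify_nonce() scopes nonces by action; confirm).
  *
  * @since 0.0.1
  *
  * @param int|string   $action    Action nonce.
  * @param false|string $query_arg Optional. Key to check for the nonce in `$_REQUEST` (since 2.5). If false,
  *                                `$_REQUEST` values will be evaluated for '_ajax_nonce', and '_hqnonce'
  *                                (in that order). Default false. The same two keys are also used as a
  *                                fallback when `$query_arg` is given but absent from the request.
  * @param bool         $die       Optional. Whether to die early when the nonce cannot be verified.
  *                                Default true.
  * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
  *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
  */
 function check_ajax_referer($action = -1, $query_arg = false, $die = true)
 {
     $nonce = '';
     if ($query_arg && isset($_REQUEST[$query_arg])) {
         $nonce = $_REQUEST[$query_arg];
     } elseif (isset($_REQUEST['_ajax_nonce'])) {
         $nonce = $_REQUEST['_ajax_nonce'];
     } elseif (isset($_REQUEST['_hqnonce'])) {
         $nonce = $_REQUEST['_hqnonce'];
     }
     // Fail closed on array-valued parameters: only a scalar can be a nonce, and the
     // verifier should never be handed a client-chosen array.
     if (!is_scalar($nonce)) {
         $nonce = '';
     }
     $result = hq_verify_nonce($nonce, $action);
     // Strict comparison: only an explicit false counts as a failed verification.
     if ($die && false === $result) {
         if (defined('DOING_AJAX') && DOING_AJAX) {
             hq_die(-1);
         } else {
             die('-1');
         }
     }
     /**
      * Fires once the AJAX request has been validated or not.
      *
      * Only reached with a false `$result` when `$die` is false; otherwise execution
      * has already stopped above.
      *
      * @since 0.0.1
      *
      * @param string    $action The AJAX nonce action.
      * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
      *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
      */
     do_action('check_ajax_referer', $action, $result);
     return $result;
 }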
Esempio n. 2
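 /**
  * Get the current step.
  *
  * The step comes from `$_GET['step']` and is only honoured when it is in the range 1-3.
  * Steps 2 and 3 change state, so each additionally requires a valid nonce for its own
  * action in `$_REQUEST`; a missing, array-valued or invalid nonce falls back to step 1
  * instead of raising an undefined-index notice or reaching the verifier with a
  * non-scalar value.
  *
  * @since 0.0.1
  *
  * @return int Current step (1, 2 or 3); 1 whenever the request cannot be trusted.
  */
 public function step()
 {
     if (!isset($_GET['step'])) {
         return 1;
     }
     $step = (int) $_GET['step'];
     if ($step < 1 || 3 < $step) {
         return 1;
     }
     // Each protected step has its own request key and nonce action, so a nonce
     // issued for one step cannot be replayed to reach the other.
     if (2 == $step) {
         $nonce_key = '_hqnonce-custom-header-upload';
         $nonce_action = 'custom-header-upload';
     } elseif (3 == $step) {
         $nonce_key = '_hqnonce';
         $nonce_action = 'custom-header-crop-image';
     } else {
         // Step 1 needs no nonce.
         return $step;
     }
     // Request parameters are client-controlled: the key may be absent or sent as an array.
     if (!isset($_REQUEST[$nonce_key]) || !is_scalar($_REQUEST[$nonce_key])) {
         return 1;
     }
     if (!hq_verify_nonce($_REQUEST[$nonce_key], $nonce_action)) {
         return 1;
     }
     return $step;
 }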