Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Sanitize segment data when persisty via public API

Browse Source 
[MAILPOET-4942]
This commit is contained in:
Sam Najian
2023-01-10 10:47:05 +01:00
committed by Aschepikov
parent 1a7b7d1936
commit 0bbd65ac61
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
mailpoet/lib/API/MP/v1/Segments.php
View File

@@ -42,7 +42,9 @@ class Segments {
$this->validateSegmentName($data); $this->validateSegmentName($data);
try { try {
$segment = $this->segmentsRepository->createOrUpdate($data['name'], $data['description'] ?? ''); $name = sanitize_text_field($data['name']);
$description = isset($data['description']) ? sanitize_textarea_field($data['description']) : '';
$segment = $this->segmentsRepository->createOrUpdate($name, $description);
} catch (\Exception $e) { } catch (\Exception $e) {
throw new APIException( throw new APIException(
__('The list couldnt be created in the database', 'mailpoet'), __('The list couldnt be created in the database', 'mailpoet'),