API Security

- added APIAccess class to define access levels of API Endpoints (permissions) - use "mailpoet_token" for all nonce (just as before) - merged setupPublic/setupAdmin methods in API in order to avoid duplication - check permission if access level is not all - fixed ABSPATH check in some classes
2016-10-19 14:37:18 +02:00
parent 5d0ee43921
commit 0ca5b7a79f
8 changed files with 60 additions and 16 deletions
--- a/lib/Mailer/Mailer.php
+++ b/lib/Mailer/Mailer.php
@@ -5,6 +5,8 @@ use MailPoet\Models\Setting;
 if(!defined('ABSPATH')) exit;
 require_once(ABSPATH . 'wp-includes/pluggable.php');

+require_once(ABSPATH . 'wp-includes/pluggable.php');
+
 class Mailer {
  public $mailer_config;
  public $sender;