Replaced "contains" by "indexOf" (chrome issue)
- added public ajax routing (not checking permissions) - exception handling in form subscription
This commit is contained in:
Jonathan Labreuille
@ -119,14 +119,14 @@ define('date',
|
||||
|
||||
let outputFormat = '';
|
||||
|
||||
Object.keys(replacements).forEach(function (key) {
|
||||
if (format.contains(key)) {
|
||||
Object.keys(replacements).forEach(function(key) {
|
||||
if (format.indexOf(key) !== -1) {
|
||||
format = format.replace(key, '%'+key);
|
||||
}
|
||||
});
|
||||
outputFormat = format;
|
||||
Object.keys(replacements).forEach(function(key) {
|
||||
if (outputFormat.contains('%'+key)) {
|
||||
if (outputFormat.indexOf('%'+key) !== -1) {
|
||||
outputFormat = outputFormat.replace('%'+key, replacements[key]);
|
||||
}
|
||||
});
|
||||
|
||||
@ -33,7 +33,6 @@ class Initializer {
|
||||
$this->setupRenderer();
|
||||
$this->setupLocalizer();
|
||||
$this->setupMenu();
|
||||
$this->setupRouter();
|
||||
$this->setupPermissions();
|
||||
$this->setupPublicAPI();
|
||||
$this->setupAnalytics();
|
||||
@ -49,6 +48,7 @@ class Initializer {
|
||||
}
|
||||
|
||||
function onInit() {
|
||||
$this->setupRouter();
|
||||
$this->setupPages();
|
||||
$this->runQueueSupervisor();
|
||||
}
|
||||
|
||||
@ -146,7 +146,7 @@ class Subscriber extends Model {
|
||||
)
|
||||
);
|
||||
|
||||
// convert subsdriber to array
|
||||
// convert subscriber to array
|
||||
$subscriber = $this->asArray();
|
||||
|
||||
// set from
|
||||
@ -163,14 +163,13 @@ class Subscriber extends Model {
|
||||
) ? $signup_confirmation['reply_to']
|
||||
: false;
|
||||
|
||||
|
||||
// send email
|
||||
$mailer = new Mailer(
|
||||
false,
|
||||
$from,
|
||||
$reply_to
|
||||
);
|
||||
try {
|
||||
$mailer = new Mailer(false, $from, $reply_to);
|
||||
return $mailer->send($email, $subscriber);
|
||||
} catch(\Exception $e) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -15,12 +15,26 @@ class Router {
|
||||
);
|
||||
add_action(
|
||||
'wp_ajax_mailpoet',
|
||||
array($this, 'setup')
|
||||
array($this, 'setupAdmin')
|
||||
);
|
||||
add_action(
|
||||
'wp_ajax_nopriv_mailpoet',
|
||||
array($this, 'setupPublic')
|
||||
);
|
||||
}
|
||||
|
||||
function setup() {
|
||||
$this->securityCheck();
|
||||
function setupAdmin() {
|
||||
$this->verifyToken();
|
||||
$this->checkPermissions();
|
||||
return $this->processRoute();
|
||||
}
|
||||
|
||||
function setupPublic() {
|
||||
$this->verifyToken();
|
||||
return $this->processRoute();
|
||||
}
|
||||
|
||||
function processRoute() {
|
||||
$class = ucfirst($_POST['endpoint']);
|
||||
$endpoint = __NAMESPACE__ . "\\" . $class;
|
||||
$method = $_POST['method'];
|
||||
@ -43,8 +57,11 @@ class Router {
|
||||
echo $global;
|
||||
}
|
||||
|
||||
function securityCheck() {
|
||||
function checkPermissions() {
|
||||
if(!current_user_can('manage_options')) { die(); }
|
||||
}
|
||||
|
||||
function verifyToken() {
|
||||
if(!wp_verify_nonce($_POST['token'], 'mailpoet_token')) { die(); }
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user