Disable missing nonce errors/warnings for now

2021-02-23 17:59:12 +00:00 · 2021-02-23 17:59:12 +00:00 · 87f2ed4f5c
parent 494a116a62
commit 87f2ed4f5c
2 changed files with 10 additions and 2 deletions
--- a/class/layout/abstract-engine.php
+++ b/class/layout/abstract-engine.php
@ -223,6 +223,8 @@ abstract class MCI_Footnotes_Layout_Engine {
 		wp_enqueue_style( 'mci-footnotes-admin' );
 	}

+	// phpcs:disable WordPress.Security.NonceVerification.Recommended
+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * Displays the content of specific sub page.
 	 *
@ -291,7 +293,10 @@ abstract class MCI_Footnotes_Layout_Engine {
 		echo '});';
 		echo '</script>';
 	}
+	// phpcs:enable

+	// phpcs:disable WordPress.Security.NonceVerification.Recommended
+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * Save all Plugin settings.
 	 *
@ -319,6 +324,7 @@ abstract class MCI_Footnotes_Layout_Engine {
 		// Update settings.
 		return MCI_Footnotes_Settings::instance()->save_options( $l_arr_active_section['container'], $l_arr_new_settings );
 	}
+	// phpcs:enable

 	/**
 	 * Output the Description of a section. May be overwritten in any section.
--- a/class/layout/init.php
+++ b/class/layout/init.php
@ -138,6 +138,7 @@ class MCI_Footnotes_Layout_Init {
 		printf( '</div>' );
 	}

+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * AJAX call. returns a JSON string containing meta information about a specific WordPress Plugin.
 	 *
@ -147,8 +148,8 @@ class MCI_Footnotes_Layout_Init {
 		// TODO: add nonce verification.

 		// get plugin internal name from POST data.
-		if ( isset( $_POST['plugin'] ) && 'true' === $_POST['plugin'] ) {
-			$l_str_plugin_name = santitize_option( wp_unslash( $_POST['plugin'] ) );
+		if ( isset( $_POST['plugin'] ) ) {
+			$l_str_plugin_name = sanitize_text_field( wp_unslash( $_POST['plugin'] ) );
 		}

 		if ( empty( $l_str_plugin_name ) ) {
@ -199,4 +200,5 @@ class MCI_Footnotes_Layout_Init {
 		);
 		exit;
 	}
+	// phpcs:enable
 }