From 87f2ed4f5cf4b4dad6a1659d9fc5788ae3947f22 Mon Sep 17 00:00:00 2001
From: Rumperuu <me+footnotes@bengoldsworthy.net>
Date: Tue, 23 Feb 2021 17:59:12 +0000
Subject: [PATCH] Disable missing nonce errors/warnings for now

---
 class/layout/abstract-engine.php | 6 ++++++
 class/layout/init.php            | 6 ++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/class/layout/abstract-engine.php b/class/layout/abstract-engine.php
index 813bf61..fae5af2 100644
--- a/class/layout/abstract-engine.php
+++ b/class/layout/abstract-engine.php
@@ -223,6 +223,8 @@ abstract class MCI_Footnotes_Layout_Engine {
 		wp_enqueue_style( 'mci-footnotes-admin' );
 	}
 
+	// phpcs:disable WordPress.Security.NonceVerification.Recommended
+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * Displays the content of specific sub page.
 	 *
@@ -291,7 +293,10 @@ abstract class MCI_Footnotes_Layout_Engine {
 		echo '});';
 		echo '</script>';
 	}
+	// phpcs:enable
 
+	// phpcs:disable WordPress.Security.NonceVerification.Recommended
+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * Save all Plugin settings.
 	 *
@@ -319,6 +324,7 @@ abstract class MCI_Footnotes_Layout_Engine {
 		// Update settings.
 		return MCI_Footnotes_Settings::instance()->save_options( $l_arr_active_section['container'], $l_arr_new_settings );
 	}
+	// phpcs:enable
 
 	/**
 	 * Output the Description of a section. May be overwritten in any section.
diff --git a/class/layout/init.php b/class/layout/init.php
index 59f1c3c..c4198df 100644
--- a/class/layout/init.php
+++ b/class/layout/init.php
@@ -138,6 +138,7 @@ class MCI_Footnotes_Layout_Init {
 		printf( '</div>' );
 	}
 
+	// phpcs:disable WordPress.Security.NonceVerification.Missing
 	/**
 	 * AJAX call. returns a JSON string containing meta information about a specific WordPress Plugin.
 	 *
@@ -147,8 +148,8 @@ class MCI_Footnotes_Layout_Init {
 		// TODO: add nonce verification.
 
 		// get plugin internal name from POST data.
-		if ( isset( $_POST['plugin'] ) && 'true' === $_POST['plugin'] ) {
-			$l_str_plugin_name = santitize_option( wp_unslash( $_POST['plugin'] ) );
+		if ( isset( $_POST['plugin'] ) ) {
+			$l_str_plugin_name = sanitize_text_field( wp_unslash( $_POST['plugin'] ) );
 		}
 
 		if ( empty( $l_str_plugin_name ) ) {
@@ -199,4 +200,5 @@ class MCI_Footnotes_Layout_Init {
 		);
 		exit;
 	}
+	// phpcs:enable
 }