From 1c6ac0fc1390510a0f0e12295c86e90bc313f2ef Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Sat, 12 Mar 2022 18:42:33 +0100 Subject: Move update new venue form to class. Also fix nonce checking. --- includes/admin/views/giglog_admin_page.php | 20 +++----------------- 1 file changed, 3 insertions(+), 17 deletions(-) (limited to 'includes/admin/views/giglog_admin_page.php') diff --git a/includes/admin/views/giglog_admin_page.php b/includes/admin/views/giglog_admin_page.php index a2682a1..7da93de 100644 --- a/includes/admin/views/giglog_admin_page.php +++ b/includes/admin/views/giglog_admin_page.php @@ -82,23 +82,9 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { return; } - if(isset($_POST['newvenue'])) - { - if (!isset($_POST['giglog_new_venue_nonce']) - || wp_verify_nonce($_POST['giglog_new_venue_nonce'], plugin_basename( __FILE__ ))) - { - header("{$_SERVER['SERVER_PROTOCOL']} 403 Forbidden"); - wp_die('CSRF validation failed.', 403); - } - - if (empty($_POST['venuename']) || empty($_POST['venuecity'])) { - echo ''; - } - else - { - GiglogAdmin_Venue::create($_POST['venuename'],$_POST['venuecity']); - echo ''; - } + if (isset($_POST['newvenue'])) { + GiglogAdmin_NewVenueForm::update(); + return; } } } -- cgit v1.2.3