|
4 | 4 | * Plugin Name: Content API |
5 | 5 | * Plugin URI: https://www.polyplugins.com/contact/ |
6 | 6 | * Description: Adds various endpoints to create content |
7 | | - * Version: 1.2.0 |
| 7 | + * Version: 1.2.1 |
8 | 8 | * Requires at least: 6.5 |
9 | 9 | * Requires PHP: 7.4 |
10 | 10 | * Author: Poly Plugins |
@@ -2595,8 +2595,8 @@ public function maybe_display_last_accessed_notice() { |
2595 | 2595 | <p>Content API Last Accessed: <strong><?php echo esc_html($formatted_time); ?></strong></p> |
2596 | 2596 | </div> |
2597 | 2597 | <?php else : ?> |
2598 | | - <div class="notice <?php echo esc_attr($notice_class); ?>" style="background-color: #D63638; color: #fff;"> |
2599 | | - <p>Content API Last Accessed: <strong><?php echo esc_html($formatted_time); ?></strong></p> |
| 2598 | + <div class="notice <?php echo esc_attr($notice_class); ?>" style="background-color: #D63638!important; color: #fff!important; border-color: #D63638!important; border-radius: 5px!important;"> |
| 2599 | + <p style="color: #fff!important;">Content API Last Accessed: <strong><?php echo esc_html($formatted_time); ?></strong></p> |
2600 | 2600 | </div> |
2601 | 2601 | <?php endif; ?> |
2602 | 2602 | <?php |
@@ -2778,10 +2778,15 @@ public function maybe_send_last_accessed_email_notification() { |
2778 | 2778 | */ |
2779 | 2779 | public function has_permission(WP_REST_Request $request) { |
2780 | 2780 | $this->options = get_option('content_api_options_polyplugins'); |
2781 | | - $token = $this->options['token']; |
| 2781 | + $token = isset($this->options['token']) ? $this->options['token'] : ''; |
| 2782 | + |
| 2783 | + if (empty($token)) { |
| 2784 | + return new WP_Error('not_authorized', "Not Authorized", array('status' => 401)); |
| 2785 | + } |
| 2786 | + |
2782 | 2787 | $request_token = $this->get_request_token($request->get_header('authorization')); |
2783 | | - |
2784 | | - if ($request_token !== $token) { |
| 2788 | + |
| 2789 | + if (empty($request_token) || !hash_equals($token, $request_token)) { |
2785 | 2790 | return new WP_Error('not_authorized', "Not Authorized", array('status' => 401)); |
2786 | 2791 | } |
2787 | 2792 |
|
@@ -3001,6 +3006,8 @@ private function post_data_missing($parameters) { |
3001 | 3006 | * @return string $token The token |
3002 | 3007 | */ |
3003 | 3008 | private function get_request_token($authorization) { |
| 3009 | + $token = ''; |
| 3010 | + |
3004 | 3011 | if ($authorization) { |
3005 | 3012 | $parts = explode(' ', $authorization); |
3006 | 3013 |
|
|
0 commit comments