Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add protection against wrong params in get_block_template_fallback() (https://github.com/woocommerce/woocommerce-blocks/pull/11690) 

* Add protection towards wrong params in get_block_template_fallback()

* Improve protection
This commit is contained in:
Albert Juhé Lluveras 2023-11-08 17:33:37 +01:00 committed by GitHub
parent f4d1372d06
commit 68e6b251b0
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
plugins/woocommerce-blocks/src/BlockTemplatesController.php
View File

@ -183,10 +183,22 @@ class BlockTemplatesController {
* @return object|null
*/
public function get_block_template_fallback( $template, $id, $template_type ) {
$template_name_parts = explode( '//', $id );
list( $theme, $slug ) = $template_name_parts;
// Add protection against invalid ids.
if ( ! is_string( $id ) || ! strstr( $id, '//' ) ) {
return null;
}
// Add protection against invalid template types.
if (
'wp_template' !== $template_type &&
'wp_template_part' !== $template_type
) {
return null;
}
$template_name_parts = explode( '//', $id );
$theme = $template_name_parts[0] ?? '';
$slug = $template_name_parts[1] ?? '';
if ( ! BlockTemplateUtils::template_is_eligible_for_product_archive_fallback( $slug ) ) {
if ( empty( $theme ) || empty( $slug ) || ! BlockTemplateUtils::template_is_eligible_for_product_archive_fallback( $slug ) ) {
return null;
}