Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20695 from woocommerce/fix/20684 

Check if $_POST['store_state'] is set before using it
This commit is contained in:
Claudiu Lodromanean 2018-07-03 11:11:16 -07:00 committed by GitHub
parent 78015f7265 7cdcae5bff
commit 7b56840f36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
includes/admin/class-wc-admin-setup-wizard.php
View File

@ -509,18 +509,19 @@ class WC_Admin_Setup_Wizard {
*/
public function wc_setup_store_setup_save() {
check_admin_referer( 'wc-setup' );
// @codingStandardsIgnoreStart
// phpcs:disable WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.VIP.ValidatedSanitizedInput.InputNotValidated, WordPress.VIP.ValidatedSanitizedInput.MissingUnslash
$address = sanitize_text_field( $_POST['store_address'] );
$address_2 = sanitize_text_field( $_POST['store_address_2'] );
$city = sanitize_text_field( $_POST['store_city'] );
$country = sanitize_text_field( $_POST['store_country'] );
$state = sanitize_text_field( $_POST['store_state'] );
$state = isset( $_POST['store_state'] ) ? sanitize_text_field( $_POST['store_state'] ) : false;
$postcode = sanitize_text_field( $_POST['store_postcode'] );
$currency_code = sanitize_text_field( $_POST['currency_code'] );
$product_type = sanitize_text_field( $_POST['product_type'] );
$sell_in_person = isset( $_POST['sell_in_person'] ) && ( 'yes' === sanitize_text_field( $_POST['sell_in_person'] ) );
$tracking = isset( $_POST['wc_tracker_checkbox'] ) && ( 'yes' === sanitize_text_field( $_POST['wc_tracker_checkbox'] ) );
// @codingStandardsIgnoreEnd
// phpcs:enable
if ( ! $state ) {
$state = '*';