Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clarify nonce verification ignores

This commit is contained in:
Justin Palmer 2023-11-14 00:45:05 +01:00
parent dd629741f5
commit 7f100ac88a
No known key found for this signature in database
GPG Key ID: ACAB7C35AA2577AF
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/woocommerce/src/Internal/Orders/SourceAttributionController.php
View File

@ -126,6 +126,7 @@ class SourceAttributionController implements RegisterHooksInterface {
add_action(
'woocommerce_order_save_attribution_source_data',
function( $order, $data = array() ) {
// Nonce check is handled by WooCommerce before woocommerce_checkout_order_created hook.
// phpcs:ignore WordPress.Security.NonceVerification
$source_data = $this->get_source_values( empty( $data ) ? $_POST : $data );
$this->send_order_tracks( $source_data, $order );
@ -341,6 +342,7 @@ class SourceAttributionController implements RegisterHooksInterface {
* @return void
*/
private function set_customer_source_data( WC_Customer $customer ) {
// Nonce check is handled before user_register hook.
// phpcs:ignore WordPress.Security.NonceVerification
foreach ( $this->get_source_values( $_POST ) as $key => $value ) {
$customer->add_meta_data( $this->get_meta_prefixed_field( $key ), $value );