mirror of
https://git.wownero.com/wownero/wownerowp.git
synced 2024-08-15 01:03:16 +00:00
Update monero_payments.php
This commit is contained in:
parent
9fcf1cb1de
commit
c29d63f52a
1 changed files with 6 additions and 1 deletions
|
@ -317,11 +317,16 @@ class Monero_Gateway extends WC_Payment_Gateway
|
|||
setcookie('payment_id', $payment_id, time() + 2700);
|
||||
} else{
|
||||
// Please fix this SQLI injection! TODO: Fix me!
|
||||
$payment_id = sanitize_text_field($_COOKIE['payment_id']);
|
||||
$payment_id = $this->protect_payment(sanitize_text_field($_COOKIE['payment_id']));
|
||||
}
|
||||
return $payment_id;
|
||||
}
|
||||
|
||||
public function protect_payment($payment_id){
|
||||
$payment_id = str_replace("'", "\n", $payment_id);
|
||||
return $payment_id;
|
||||
}
|
||||
|
||||
public function changeto($amount, $currency, $payment_id)
|
||||
{
|
||||
global $wpdb;
|
||||
|
|
Loading…
Reference in a new issue