Fix sanitizing
darylldoyle committed Oct 26, 2023
1 parent 4a9e2e9 commit 5fb2b13
Showing 1 changed file with 12 additions and 7 deletions.
19 changes: 12 additions & 7 deletions includes/classes/SSO/SSO.php
Expand Up @@ -77,11 +77,13 @@ public function ms_save_settings() {
return;
}

// We're only checking if the var exists here, so no need to sanitize.
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
if ( ! isset( $_POST['tenup_allow_sso'] ) ) {
return;
}

$setting = $this->validate_sso_setting( $_POST['tenup_allow_sso'] );
$setting = $this->validate_sso_setting( sanitize_text_field( $_POST['tenup_allow_sso'] ) );

update_site_option( 'tenup_allow_sso', $setting );
}
Expand Down Expand Up @@ -272,9 +274,11 @@ public function process_client_login() {
$redirect_to = admin_url();
$requested_redirect_to = '';

// We're only checking if the var exists here, so no need to sanitize.
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
if ( isset( $_REQUEST['redirect_to'] ) ) {
$redirect_to = $_REQUEST['redirect_to'];
$requested_redirect_to = $_REQUEST['redirect_to'];
$redirect_to = sanitize_text_field( $_REQUEST['redirect_to'] );
$requested_redirect_to = sanitize_text_field( $_REQUEST['redirect_to'] );
}

$redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user );
Expand All @@ -299,8 +303,8 @@ public function process_client_login() {
$tenup_login_failed = true;
} else {
$redirect_url = wp_login_url();
if ( isset( $_REQUEST['redirect_to'] ) && is_string( $_REQUEST['redirect_to'] ) ) {
$redirect_url = add_query_arg( 'redirect_to', rawurlencode( $_REQUEST['redirect_to'] ), $redirect_url );
if ( isset( $_REQUEST['redirect_to'] ) && is_string( sanitize_text_field( $_REQUEST['redirect_to'] ) ) ) {
$redirect_url = add_query_arg( 'redirect_to', rawurlencode( sanitize_text_field( $_REQUEST['redirect_to'] ) ), $redirect_url );
}

$proxy_url = add_query_arg(
Expand All @@ -323,10 +327,11 @@ public function process_client_login() {
public function update_login_form() {
$google_login = add_query_arg( 'action', '10up-login', wp_login_url() );
if ( isset( $_REQUEST['redirect_to'] ) ) {
$google_login = add_query_arg( 'redirect_to', rawurlencode( $_REQUEST['redirect_to'] ), $google_login );
$google_login = add_query_arg( 'redirect_to', rawurlencode( sanitize_text_field( $_REQUEST['redirect_to'] ) ), $google_login );
}

?><script type="text/javascript">
?>
<script type="text/javascript">
(function() {
document.getElementById('loginform').insertAdjacentHTML(
'beforebegin',
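Review bot: `sanitize_text_field()` is the wrong sanitizer for the `redirect_to` URL on lines 38–39, 49–50 and 59: it strips every percent-encoded octet (`%2F`, `%3D`, …) and collapses whitespace, so a legitimately encoded redirect target is silently corrupted, while it does nothing to stop an off-site redirect. WordPress's URL sanitizer is `esc_url_raw()`, e.g. in process_client_login `$requested_redirect_to = esc_url_raw( $_REQUEST['redirect_to'] );` and `$redirect_to = $requested_redirect_to;`, with the same substitution at the two later sites; protection against open redirects must still come from `wp_validate_redirect()` / `wp_safe_redirect()` where the redirect is actually issued, which is outside these hunks — confirm it is in place. Separately, the `is_string()` guard on line 49 is now a no-op because `sanitize_text_field()` always returns a string (`''` for an array), so it should test the raw `$_REQUEST['redirect_to']` and the sanitized value should be computed once rather than twice. Both process_client_login() and update_login_form() begin and end outside the visible hunks.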
