Rename nonce and remove extra escaping

rtCamp · Feb 22, 2024 · 5addcd9 · 5addcd9
1 parent 27f8296
commit 5addcd9
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 13 deletions.
diff --git a/admin/js/rt-transcoder-admin.js b/admin/js/rt-transcoder-admin.js
@@ -46,7 +46,7 @@
 
 						var data = {
 							action: 'rt_disable_transcoding',
-							rt_transcoder_security: rt_transcoder_script.security_nonce
+							rt_transcoder_security: rt_transcoder_script.security_nonce_for_disabling_encoding
 						};
 
 						if ( $( this ).next( 'img' ).length === 0 ) {
@@ -85,7 +85,8 @@
 					if ( confirm( rt_transcoder_script.enable_encoding ) ) {
 
 						var data = {
-							action: 'rt_enable_transcoding'
+							action: 'rt_enable_transcoding',
+							rt_transcoder_security: rt_transcoder_script.security_nonce_for_enabling_encoding
 						};
 
 						if ( $( this ).next( 'img' ).length === 0 ) {

diff --git a/admin/rt-transcoder-admin.php b/admin/rt-transcoder-admin.php
@@ -196,13 +196,14 @@ public function enqueue_scripts_styles() {
 		wp_register_script( 'rt-transcoder-main', RT_TRANSCODER_URL . 'admin/js/rt-transcoder-admin' . $suffix . '.js', array( 'jquery' ), RT_TRANSCODER_VERSION, true );
 
 		$localize_script_data = array(
-			'admin_url'            => esc_url( admin_url() ),
-			'loader_image'         => esc_url( admin_url( 'images/loading.gif' ) ),
-			'disable_encoding'     => esc_html__( 'Are you sure you want to disable the transcoding service?', 'transcoder' ),
-			'enable_encoding'      => esc_html__( 'Are you sure you want to enable the transcoding service?', 'transcoder' ),
-			'something_went_wrong' => esc_html__( 'Something went wrong. Please ', 'transcoder' ) . '<a href onclick="location.reload();">' . esc_html__( 'refresh', 'transcoder' ) . '</a>' . esc_html__( ' page.', 'transcoder' ),
-			'error_empty_key'      => esc_html__( 'Please enter the license key.', 'transcoder' ),
-			'security_nonce'       => esc_js( wp_create_nonce( 'rt-transcoder-check-ajax-calls-nonce' ) ),
+			'admin_url'                             => esc_url( admin_url() ),
+			'loader_image'                          => esc_url( admin_url( 'images/loading.gif' ) ),
+			'disable_encoding'                      => esc_html__( 'Are you sure you want to disable the transcoding service?', 'transcoder' ),
+			'enable_encoding'                       => esc_html__( 'Are you sure you want to enable the transcoding service?', 'transcoder' ),
+			'something_went_wrong'                  => esc_html__( 'Something went wrong. Please ', 'transcoder' ) . '<a href onclick="location.reload();">' . esc_html__( 'refresh', 'transcoder' ) . '</a>' . esc_html__( ' page.', 'transcoder' ),
+			'error_empty_key'                       => esc_html__( 'Please enter the license key.', 'transcoder' ),
+			'security_nonce_for_enabling_encoding'  => wp_create_nonce( 'rt_enable_transcoding' ),
+			'security_nonce_for_disabling_encoding' => wp_create_nonce( 'rt_disable_transcoding' ),
 		);
 
 		wp_localize_script( 'rt-transcoder-main', 'rt_transcoder_script', $localize_script_data );

diff --git a/admin/rt-transcoder-handler.php b/admin/rt-transcoder-handler.php
@@ -1269,7 +1269,6 @@ public function handle_callback() {
 	 * @since 1.0.0
 	 */
 	public function hide_transcoding_notice() {
-		check_ajax_referer( 'rt-transcoder-check-ajax-calls-nonce', 'rt_transcoder_security', true );
 		update_site_option( 'rt-transcoding-service-notice', true );
 		update_site_option( 'rt-transcoding-expansion-notice', true );
 		echo true;
@@ -1282,7 +1281,6 @@ public function hide_transcoding_notice() {
 	 * @since 1.0
 	 */
 	public function enter_api_key() {
-		check_ajax_referer( 'rt-transcoder-check-ajax-calls-nonce', 'rt_transcoder_security', true );
 		$apikey = transcoder_filter_input( INPUT_GET, 'apikey', FILTER_SANITIZE_FULL_SPECIAL_CHARS );
 		if ( ! empty( $apikey ) ) {
 			echo wp_json_encode( array( 'apikey' => $apikey ) );
@@ -1298,7 +1296,7 @@ public function enter_api_key() {
 	 * @since 1.0.0
 	 */
 	public function disable_transcoding() {
-		check_ajax_referer( 'rt-transcoder-check-ajax-calls-nonce', 'rt_transcoder_security', true );
+		check_ajax_referer( 'rt_disable_transcoding', 'rt_transcoder_security', true );
 		update_site_option( 'rt-transcoding-api-key', '' );
 		esc_html_e( 'Transcoding disabled successfully.', 'transcoder' );
 		die();
@@ -1310,7 +1308,7 @@ public function disable_transcoding() {
 	 * @since 1.0.0
 	 */
 	public function enable_transcoding() {
-		check_ajax_referer( 'rt-transcoder-check-ajax-calls-nonce', 'rt_transcoder_security', true );
+		check_ajax_referer( 'rt_enable_transcoding', 'rt_transcoder_security', true );
 		update_site_option( 'rt-transcoding-api-key', $this->stored_api_key );
 		esc_html_e( 'Transcoding enabled successfully.', 'transcoder' );
 		die();