diff options
Diffstat (limited to 'Postman/PostmanUtils.php')
| -rw-r--r-- | Postman/PostmanUtils.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/Postman/PostmanUtils.php b/Postman/PostmanUtils.php index 6858fe3..335d0f3 100644 --- a/Postman/PostmanUtils.php +++ b/Postman/PostmanUtils.php @@ -1,4 +1,7 @@ <?php +if ( ! defined( 'ABSPATH' ) ) { + exit; // Exit if accessed directly +} require_once 'PostmanLogger.php'; require_once 'PostmanState.php'; @@ -368,9 +371,9 @@ class PostmanUtils { */ static function postmanGetServerName() { if ( ! empty( $_SERVER ['SERVER_NAME'] ) ) { - $serverName = $_SERVER ['SERVER_NAME']; + $serverName = sanitize_text_field($_SERVER ['SERVER_NAME']); } else if ( ! empty( $_SERVER ['HTTP_HOST'] ) ) { - $serverName = $_SERVER ['HTTP_HOST']; + $serverName = sanitize_text_field($_SERVER ['HTTP_HOST']); } else { $serverName = 'localhost.localdomain'; } @@ -410,6 +413,7 @@ class PostmanUtils { * @param mixed $callbackName */ public static function registerAjaxHandler( $actionName, $class, $callbackName ) { + if ( is_admin() ) { $fullname = 'wp_ajax_' . $actionName; // $this->logger->debug ( 'Registering ' . 'wp_ajax_' . $fullname . ' Ajax handler' ); |