Merge pull request #131 from mashirozx/dev

add nonce check for api
mashirozx · Nov 14, 2019 · 83498e1 · 83498e1
2 parents 8e74d66 + 3ac9b3a
commit 83498e1
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 9 deletions.
diff --git a/functions.php b/functions.php
@@ -7,7 +7,7 @@
  * @package Sakura
  */
 
-define( 'SAKURA_VERSION', '3.3.0' );
+define( 'SAKURA_VERSION', '3.3.1' );
 define( 'BUILD_VERSION', '3' );
 define( 'JSDELIVR_VERSION', '3.6.7' );
 

diff --git a/header.php b/header.php
@@ -77,9 +77,9 @@
 </script>
 <?php endif; ?>
 </head>
-<body <?php body_class(); ?>>
+<body nonce-data="<?php echo wp_create_nonce( 'wp_rest' ); ?>" <?php body_class(); ?>>
     <?php if(get_template_directory_uri() != get_site_url().'/wp-content/themes/Sakura') echo '<div style="position:fixed;height:100%;width:100%;top:0;left:0;font-size:20px;z-index:999999;background-color: #fff;">Plz rename the theme folder name as <span style="color:red">Sakura</span>!<br>请将主题文件夹名改为 <span style="color:red">Sakura</span>！</div>'; ?>
-    <?php if(!function_exists('curl_exec')) echo '<div style="position:fixed;height:100%;width:100%;top:0;left:0;font-size:20px;z-index:999999;background-color: #fff;">主题需要 PHP 的 curl 支持！请在 `php.ini` 里开启或者联系你的主机商。<br>The theme requires PHP\'s curl support! Please turn on in `php.ini` or contact your hosting provider.</div>' ?>;
+    <?php if(!function_exists('curl_exec')) echo '<div style="position:fixed;height:100%;width:100%;top:0;left:0;font-size:20px;z-index:999999;background-color: #fff;">主题需要 PHP 的 curl 支持！请在 `php.ini` 里开启或者联系你的主机商。<br>The theme requires PHP\'s curl support! Please turn on in `php.ini` or contact your hosting provider.</div>'; ?>
 		<div class="scrollbar" id="bar"></div>
 	<section id="main-container">
 		<?php 

diff --git a/inc/api.php b/inc/api.php
@@ -17,7 +17,7 @@
 /**
  * Image uploader response
  */
-function upload_image(WP_REST_Request $req)
+function upload_image(WP_REST_Request $request)
 {
   // see: https://developer.wordpress.org/rest-api/requests/
 
@@ -28,8 +28,20 @@ function upload_image(WP_REST_Request $req)
    *   -F "[email protected]" \
    *   https://dev.2heng.xin/wp-json/sakura/v1/image/upload
    */
-  // $file = $req->get_file_params();
-
+  // $file = $request->get_file_params();
+  if ( !check_ajax_referer('wp_rest', '_wpnonce', false) ) {
+    $output = array(
+      'status' => 403,
+      'success' => false,
+      'message' => 'Unauthorized client.',
+      'link' => "https://view.moezx.cc/images/2019/11/14/step04.md.png",
+      'proxy' => akina_option('cmt_image_proxy') . "https://view.moezx.cc/images/2019/11/14/step04.md.png",
+    );
+    $result = new WP_REST_Response($output, 403);
+    $result->set_headers(array('Content-Type' => 'application/json'));
+    return $result;
+  }
+
   switch (akina_option("img_upload_api")) {
     case 'imgur':
       $image = file_get_contents($_FILES["cmt_img_file"]["tmp_name"]);
@@ -254,4 +266,4 @@ function cache_search_json()
         'Cache-Control' => 'max-age=3600')); // json 缓存控制
 
     return $result;
-}
+}
diff --git a/js/sakura-app.js b/js/sakura-app.js
@@ -182,7 +182,7 @@ function attach_image() {
             var formData = new FormData();
             formData.append('cmt_img_file', f);
             $.ajax({
-                url: '/wp-json/sakura/v1/image/upload',
+                url: '/wp-json/sakura/v1/image/upload/?_wpnonce='+$('body').attr('nonce-data'),
                 type: 'POST',
                 processData: false,
                 contentType: false,

diff --git a/style.css b/style.css
@@ -5,7 +5,7 @@ Theme URI: https://2heng.xin/theme-sakura/
 Author: Mashiro, Louie, Fuzzz
 Author URI: http://2heng.xin
 Description: A branch of theme Akina
-Version: 3.3.0
+Version: 3.3.1
 License: GNU General Public License v2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 Text Domain: sakura