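diff --git src/bp-core/bp-core-attachments.php src/bp-core/bp-core-attachments.php
index 64344bf9e..78bb6cfef 100644
--- a/src/bp-core/bp-core-attachments.php
+++ b/src/bp-core/bp-core-attachments.php
@@ -1189,7 +1189,7 @@ function bp_attachments_cover_image_generate_file( $args = array(), $cover_image
 * error message otherwise.
 */
 function bp_attachments_cover_image_ajax_upload() {
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_die();
 }
 
@@ -1378,7 +1378,7 @@ add_action( 'wp_ajax_bp_cover_image_upload', 'bp_attachments_cover_image_ajax_up
 * error message otherwise.
 */
 function bp_attachments_cover_image_ajax_delete() {
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 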
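Review bot: Every guard in this commit now depends on `bp_is_post_request()`, whose definition is not shown on this page, so confirm it tolerates a missing `$_SERVER['REQUEST_METHOD']` (CLI, cron, some test harnesses) instead of repeating the removed expression's undefined-index read. If it does not, a single guard inside the helper such as `isset( $_SERVER['REQUEST_METHOD'] ) && 'POST' === strtoupper( $_SERVER['REQUEST_METHOD'] )` would cover all call sites at once. The method check only narrows how `bp_attachments_cover_image_ajax_upload()` and `bp_attachments_cover_image_ajax_delete()` are reached and is not request authentication. Both bodies continue past their hunks, so the nonce and capability checks that should run before a file is written or removed are not visible here and need confirming.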
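diff --git src/bp-core/bp-core-avatars.php src/bp-core/bp-core-avatars.php
index 293c8725e..eea116217 100644
--- a/src/bp-core/bp-core-avatars.php
+++ b/src/bp-core/bp-core-avatars.php
@@ -809,8 +809,7 @@ function bp_core_delete_existing_avatar( $args = '' ) {
 * error message otherwise.
 */
 function bp_avatar_ajax_delete() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 
@@ -952,8 +951,7 @@ function bp_core_avatar_handle_upload( $file, $upload_dir_filter ) {
 * error message otherwise.
 */
 function bp_avatar_ajax_upload() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_die();
 }
 
@@ -1237,8 +1235,7 @@ function bp_core_avatar_handle_crop( $args = '' ) {
 * error message otherwise.
 */
 function bp_avatar_ajax_set() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 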
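Review bot: The `// Bail if not a POST action.` comment is dropped from `bp_avatar_ajax_delete()`, `bp_avatar_ajax_upload()` and `bp_avatar_ajax_set()`, but the same comment stays above the identical guard elsewhere in this commit, for example in `bp_legacy_theme_mark_activity_favorite()`, `bp_nouveau_ajax_delete_activity()`, `bp_nouveau_ajax_addremove_friend()` and `bp_xprofile_action_settings()`. Pick one convention for the whole change: either remove the comment everywhere now that the helper name is self-describing, or keep it everywhere. All three function bodies continue past their hunks.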
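diff --git src/bp-settings/bp-settings-actions.php src/bp-settings/bp-settings-actions.php
index fef2d3122..ecf3cdba1 100644
--- a/src/bp-settings/bp-settings-actions.php
+++ b/src/bp-settings/bp-settings-actions.php
@@ -27,18 +27,19 @@ defined( 'ABSPATH' ) || exit;
 * @global BuddyPress $bp
 */
 function bp_settings_action_general() {
-
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Bail if no submit action.
-if ( ! isset( $_POST['submit'] ) )
+if ( ! isset( $_POST['submit'] ) ) {
 return;
+}
 
 // Bail if not in settings.
-if ( ! bp_is_settings_component() || ! bp_is_current_action( 'general' ) )
+if ( ! bp_is_settings_component() || ! bp_is_current_action( 'general' ) ) {
 return;
+}
 
 // 404 if there are any additional action variables attached
 if ( bp_action_variables() ) {
@@ -259,18 +260,19 @@ add_action( 'bp_actions', 'bp_settings_action_general' );
 * @since 1.6.0
 */
 function bp_settings_action_notifications() {
-
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Bail if no submit action.
-if ( ! isset( $_POST['submit'] ) )
+if ( ! isset( $_POST['submit'] ) ) {
 return;
+}
 
 // Bail if not in settings.
-if ( ! bp_is_settings_component() || ! bp_is_current_action( 'notifications' ) )
+if ( ! bp_is_settings_component() || ! bp_is_current_action( 'notifications' ) ) {
 return false;
+}
 
 // 404 if there are any additional action variables attached
 if ( bp_action_variables() ) {
@@ -306,18 +308,19 @@ add_action( 'bp_actions', 'bp_settings_action_notifications' );
 * @since 1.6.0
 */
 function bp_settings_action_capabilities() {
-
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Bail if no submit action.
-if ( ! isset( $_POST['capabilities-submit'] ) )
+if ( ! isset( $_POST['capabilities-submit'] ) ) {
 return;
+}
 
 // Bail if not in settings.
-if ( ! bp_is_settings_component() || ! bp_is_current_action( 'capabilities' ) )
+if ( ! bp_is_settings_component() || ! bp_is_current_action( 'capabilities' ) ) {
 return false;
+}
 
 // 404 if there are any additional action variables attached
 if ( bp_action_variables() ) {
@@ -380,18 +383,19 @@ add_action( 'bp_actions', 'bp_settings_action_capabilities' );
 * @since 1.6.0
 */
 function bp_settings_action_delete_account() {
-
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Bail if no submit action.
-if ( ! isset( $_POST['delete-account-understand'] ) )
+if ( ! isset( $_POST['delete-account-understand'] ) ) {
 return;
+}
 
 // Bail if not in settings.
-if ( ! bp_is_settings_component() || ! bp_is_current_action( 'delete-account' ) )
+if ( ! bp_is_settings_component() || ! bp_is_current_action( 'delete-account' ) ) {
 return false;
+}
 
 // 404 if there are any additional action variables attached
 if ( bp_action_variables() ) {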
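Review bot: In `bp_settings_action_notifications()`, `bp_settings_action_capabilities()` and `bp_settings_action_delete_account()` the newly braced "not in settings" guard still does `return false;`, while the two guards above it, and all three guards in `bp_settings_action_general()`, use a bare `return;`. Since the commit already rewrites these lines, make them uniform with `return;` in all four functions; the visible `add_action( 'bp_actions', ... )` registrations suggest the return value is unused, but confirm that no direct caller checks it. The POST and `isset( $_POST[...] )` guards only decide whether the handler runs and do not authenticate the request. Each body continues past its hunk, so the nonce verification that must precede the settings change or account deletion is not visible here.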
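diff --git src/bp-templates/bp-legacy/buddypress-functions.php src/bp-templates/bp-legacy/buddypress-functions.php
index d0cd488e0..c7c3cd31a 100644
--- a/src/bp-templates/bp-legacy/buddypress-functions.php
+++ b/src/bp-templates/bp-legacy/buddypress-functions.php
@@ -779,20 +779,22 @@ function bp_legacy_theme_ajax_querystring( $query_string, $object ) {
 * @return string|null Prints template loop for the specified object
 */
 function bp_legacy_theme_object_template_loader() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Bail if no object passed.
-if ( empty( $_POST['object'] ) )
+if ( empty( $_POST['object'] ) ) {
 return;
+}
 
 // Sanitize the object.
 $object = sanitize_title( $_POST['object'] );
 
 // Bail if object is not an active component to prevent arbitrary file inclusion.
-if ( ! bp_is_active( $object ) )
+if ( ! bp_is_active( $object ) ) {
 return;
+}
 
 /**
 * AJAX requests happen too early to be seen by bp_update_is_directory()
@@ -859,9 +861,9 @@ function bp_legacy_theme_requests_template_loader() {
 * for the Activity component) and 'feed_url' (URL to the relevant RSS feed).
 */
 function bp_legacy_theme_activity_template_loader() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 $scope = '';
 if ( ! empty( $_POST['scope'] ) )
@@ -920,9 +922,9 @@ function bp_legacy_theme_activity_template_loader() {
 function bp_legacy_theme_post_update() {
 $bp = buddypress();
 
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Check the nonce.
 check_admin_referer( 'post_update', '_wpnonce_post_update' );
@@ -1009,8 +1011,7 @@ function bp_legacy_theme_new_activity_comment() {
 
 $bp = buddypress();
 
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 return;
 }
 
@@ -1078,9 +1079,9 @@ function bp_legacy_theme_new_activity_comment() {
 * @return mixed String on error, void on success.
 */
 function bp_legacy_theme_delete_activity() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Check the nonce.
 check_admin_referer( 'bp_activity_delete_link' );
@@ -1116,9 +1117,9 @@ function bp_legacy_theme_delete_activity() {
 * @return mixed String on error, void on success.
 */
 function bp_legacy_theme_delete_activity_comment() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Check the nonce.
 check_admin_referer( 'bp_activity_delete_link' );
@@ -1158,9 +1159,9 @@ function bp_legacy_theme_delete_activity_comment() {
 function bp_legacy_theme_spam_activity() {
 $bp = buddypress();
 
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Check that user is logged in, Activity Streams are enabled, and Akismet is present.
 if ( ! is_user_logged_in() || ! bp_is_active( 'activity' ) || empty( $bp->activity->akismet ) )
@@ -1203,8 +1204,9 @@ function bp_legacy_theme_spam_activity() {
 */
 function bp_legacy_theme_mark_activity_favorite() {
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 if ( ! isset( $_POST['nonce'] ) ) {
 return;
@@ -1232,9 +1234,9 @@ function bp_legacy_theme_mark_activity_favorite() {
 * @return string|null HTML
 */
 function bp_legacy_theme_unmark_activity_favorite() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 if ( ! isset( $_POST['nonce'] ) ) {
 return;
@@ -1263,9 +1265,9 @@ function bp_legacy_theme_unmark_activity_favorite() {
 * @return string|null HTML
 */
 function bp_legacy_theme_get_single_activity_content() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 $activity_array = bp_activity_get_specific( array(
 'activity_ids' => $_POST['activity_id'],
@@ -1303,9 +1305,9 @@ function bp_legacy_theme_get_single_activity_content() {
 * @todo Audit return types
 */
 function bp_legacy_theme_ajax_invite_user() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 check_ajax_referer( 'groups_invite_uninvite_user' );
 
@@ -1386,10 +1388,9 @@ function bp_legacy_theme_ajax_invite_user() {
 * @return string|null HTML
 */
 function bp_legacy_theme_ajax_addremove_friend() {
-
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Cast fid as an integer.
 $friend_id = (int) $_POST['fid'];
@@ -1440,9 +1441,9 @@ function bp_legacy_theme_ajax_addremove_friend() {
 * @return mixed String on error, void on success.
 */
 function bp_legacy_theme_ajax_accept_friendship() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 check_admin_referer( 'friends_accept_friendship' );
 
@@ -1460,9 +1461,9 @@ function bp_legacy_theme_ajax_accept_friendship() {
 * @return mixed String on error, void on success.
 */
 function bp_legacy_theme_ajax_reject_friendship() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 check_admin_referer( 'friends_reject_friendship' );
 
@@ -1480,9 +1481,9 @@ function bp_legacy_theme_ajax_reject_friendship() {
 * @return string|null HTML
 */
 function bp_legacy_theme_ajax_joinleave_group() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 // Cast gid as integer.
 $group_id = (int) $_POST['gid'];
@@ -1551,9 +1552,9 @@ function bp_legacy_theme_ajax_joinleave_group() {
 * @return mixed String on error, void on success.
 */
 function bp_legacy_theme_ajax_close_notice() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 $nonce_check = isset( $_POST['nonce'] ) && wp_verify_nonce( wp_unslash( $_POST['nonce'] ), 'bp_messages_close_notice' );
 
@@ -1583,9 +1584,9 @@ function bp_legacy_theme_ajax_close_notice() {
 * @return string|null HTML
 */
 function bp_legacy_theme_ajax_messages_send_reply() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
+if ( ! bp_is_post_request() ) {
 return;
+}
 
 check_ajax_referer( 'messages_send_message' );
 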
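Review bot: `bp_legacy_theme_get_single_activity_content()` passes `$_POST['activity_id']` to `bp_activity_get_specific()` straight after the method check, with no `isset()` or cast visible in the hunk, so a POST without that field raises an undefined-index notice and the raw request value reaches the query arguments. An early bail such as `if ( empty( $_POST['activity_id'] ) ) { return; }` plus `(int) $_POST['activity_id']` would close that, if only a single id is expected; the callee is not shown, so confirm. `bp_legacy_theme_ajax_addremove_friend()` and `bp_legacy_theme_ajax_joinleave_group()` do cast `$_POST['fid']` and `$_POST['gid']`, but also read them without an `isset()` guard. These three hunks show no nonce check, unlike `bp_legacy_theme_post_update()` or `bp_legacy_theme_delete_activity()`. All of these bodies continue outside their hunks, so verify where the state-changing handlers authenticate the request.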
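diff --git src/bp-templates/bp-nouveau/includes/activity/ajax.php src/bp-templates/bp-nouveau/includes/activity/ajax.php
index 3c5d210c2..730c43769 100644
--- a/src/bp-templates/bp-nouveau/includes/activity/ajax.php
+++ b/src/bp-templates/bp-nouveau/includes/activity/ajax.php
@@ -33,8 +33,7 @@ bp_nouveau_register_ajax_actions( array(
 * @return string JSON reply
 */
 function bp_nouveau_ajax_mark_activity_favorite() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 
@@ -74,8 +73,7 @@ function bp_nouveau_ajax_mark_activity_favorite() {
 * @return string JSON reply
 */
 function bp_nouveau_ajax_unmark_activity_favorite() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 
@@ -111,8 +109,7 @@ function bp_nouveau_ajax_unmark_activity_favorite() {
 * @return string JSON reply
 */
 function bp_nouveau_ajax_clear_new_mentions() {
-// Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 
@@ -141,7 +138,7 @@ function bp_nouveau_ajax_delete_activity() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error( $response );
 }
 
@@ -213,7 +210,7 @@ function bp_nouveau_ajax_get_single_activity_content() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error( $response );
 }
 
@@ -272,7 +269,7 @@ function bp_nouveau_ajax_new_activity_comment() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error( $response );
 }
 
@@ -497,7 +494,7 @@ function bp_nouveau_ajax_spam_activity() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error( $response );
 }
 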
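diff --git src/bp-templates/bp-nouveau/includes/ajax.php src/bp-templates/bp-nouveau/includes/ajax.php
index aa5281cdb..e8d31e664 100644
--- a/src/bp-templates/bp-nouveau/includes/ajax.php
+++ b/src/bp-templates/bp-nouveau/includes/ajax.php
@@ -15,7 +15,7 @@ defined( 'ABSPATH' ) || exit;
 * @since 1.0.0
 */
 function bp_nouveau_ajax_object_template_loader() {
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error();
 }
 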
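diff --git src/bp-templates/bp-nouveau/includes/friends/ajax.php src/bp-templates/bp-nouveau/includes/friends/ajax.php
index 0cff3204e..ffc9a00ee 100644
--- a/src/bp-templates/bp-nouveau/includes/friends/ajax.php
+++ b/src/bp-templates/bp-nouveau/includes/friends/ajax.php
@@ -35,7 +35,7 @@ function bp_nouveau_ajax_addremove_friend() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
+if ( ! bp_is_post_request() ) {
 wp_send_json_error( $response );
 }
 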
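diff --git src/bp-templates/bp-nouveau/includes/groups/ajax.php src/bp-templates/bp-nouveau/includes/groups/ajax.php
index 89924d718..ab11d29aa 100644
--- a/src/bp-templates/bp-nouveau/includes/groups/ajax.php
+++ b/src/bp-templates/bp-nouveau/includes/groups/ajax.php
@@ -39,7 +39,7 @@ function bp_nouveau_ajax_joinleave_group() {
 );
 
 // Bail if not a POST action.
-if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) || empty( $_POST['action'] ) ) {
+if ( ! bp_is_post_request() || empty( $_POST['action'] ) ) {
 wp_send_json_error( $response );
 }
 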
diff --git src/bp-xprofile/bp-xprofile-actions.php src/bp-xprofile/bp-xprofile-actions.php
index f833c2ee1..39785fe86 100644
|
|
add_action( 'bp_actions', 'xprofile_action_delete_avatar' ); |
54 | 54 | function bp_xprofile_action_settings() { |
55 | 55 | |
56 | 56 | // Bail if not a POST action. |
57 | | if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) { |
| 57 | if ( ! bp_is_post_request() ) { |
58 | 58 | return; |
59 | 59 | } |
60 | 60 | |