Verified Commit 248f836f authored by noplanman's avatar noplanman
Browse files

Make sure nonce field is always added on profile page

parent b6508505
Pipeline #5597 canceled with stage
......@@ -43,8 +43,8 @@
<em><?php esc_html_e( 'To activate WP-OTP, enter the One Time Password from your authenticator app and save your profile.', 'wp-otp' ); ?></em><br><br>
<label for="wp-otp-code"><?php esc_html_e( 'One Time Password', 'wp-otp' ); ?></label><br>
<input type="text" class="input" name="wp-otp-code" id="wp-otp-code"/>
<?php wp_nonce_field( 'wp_otp_nonce', 'wp_otp_nonce', false ); ?>
<?php endif; ?>
<?php wp_nonce_field( 'wp_otp_nonce', 'wp_otp_nonce', false ); ?>
<img id="wp-otp-qr-code" src="<?php echo esc_attr( $otp_qr_code_img_uri ); ?>" alt="<?php esc_attr_e( 'QR Code to scan with mobile app', 'wp-otp' ); ?>"/><br>
......@@ -94,6 +94,9 @@ This means that you will need to add your OTP (or recovery) code at the end of y
== Changelog ==
= unreleased =
* Fix nonce issue when saving profile.
= 0.6.0 =
* Require at least PHP 7.4 and update all code.
* Allow for PHP 8.0.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment