git clone [email protected]:YOUR-USERNAME/YOUR-FORKED-REPO.git
cd into/cloned/fork-repo
git remote add upstream git://github.com/ORIGINAL-DEV-USERNAME/REPO-YOU-FORKED-FROM.git
git fetch upstream
kharissulistiyo
/ patch-code-sample-php-object-injection.php
Created
November 16, 2024 12:46
WordPress API: Patch PHP Code Injection vulnerability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| foreach ($post_data as $key => $value) { | |
| $post_data_keys = ['billing_country', 'card_zip', 'card_cvc']; | |
| if (in_array($key, $post_data_keys, true) && is_serialized($value)) { | |
| return true; | |
| } | |
| } |
kharissulistiyo
/ bad-code-sample-php-obj-injection.php
Created
November 16, 2024 12:32
Bad PHP code sample: PHP Object Injection vulnerability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| foreach ($post_data as $key => $value) { | |
| $post_data_keys = ['billing_country', 'card_zip', 'card_cvc']; | |
| if ( ! in_array($key, $post_data_keys, true)) { | |
| continue; | |
| } | |
| } |
kharissulistiyo
/ patch-code-sample-sql-injection.php
Last active
November 16, 2024 01:05
WordPress API: patch SQL Injection vulnerability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| foreach ($value as $k => $attr) { | |
| $where .= $wpdb->prepare(" \n {$_or} ( list_attr_rel_" . $i . ".value = %d)", $attr); | |
| } |
kharissulistiyo
/ bad-code-sample-sql-injection.php
Last active
November 16, 2024 01:04
Bad code sample: SQL injection vulnerability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| foreach ($value as $k => $attr) { | |
| $where .= " \n {$_or} ( list_attr_rel_" . $i . ".value = {$attr})"; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| save: function( props ) { | |
| var attributes = props.attributes; | |
| return( | |
| el( 'div', { className: props.className }, | |
| el( 'p', {}, i18n.__( 'Card block is here', 'risbl-card-block' ) ), | |
| // Other HTML elements goes here | |
| ) | |
| ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| edit: function( props ) { | |
| var attributes = props.attributes; | |
| return( | |
| el( 'div', { className: props.className }, | |
| el( 'p', {}, i18n.__( 'Card block is here', 'risbl-card-block' ) ), | |
| // Other HTML elements goes here | |
| ) | |
| ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * | |
| * To do: | |
| * formatting on the screen so it's not all bunched | |
| * options for various outputs | |
| * styling | |
| * | |
| */ | |
| ( function( blocks, editor, i18n, element, components, _ ) { | |
| var el = element.createElement; |
kharissulistiyo
/ gist:0f642726586d6b9fc07edcdc5c211405
Created
August 3, 2019 09:04
— forked from CristinaSolana/gist:1885435
Git command: Keeping a fork up to date
kharissulistiyo
/ script.js
Created
December 14, 2017 12:06
Sydney Pro: JS code to move default WC menus location.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;(function($) { | |
| 'use strict' | |
| if( $('.header-contact-info').length ) { | |
| var cartMenu = $('.mainnav .nav-cart'); | |
| var accountMenu = $('.mainnav .header-account'); | |
| $('.header-contact-info').prepend('<ul class="header-contact-menu"></ul>'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Check if category exists and echo it | |
| if($category) { | |
| echo ' | |
| <li> | |
| <i class="fa fa-tags"></i> | |
| <a href="'.esc_url($category[0][1]).'">'.esc_html($category[0][2]).'</a> | |
| </li>'; | |
| } |