Sanitize question_id when processing bulk delete action

shamimmoeen · shamimmoeen · commit 063ea0e1b7da · 2018-05-02T13:46:37.000+06:00
diff --git a/includes/admin/class-wp-job-manager-screening-questions-list-table-form-handler.php b/includes/admin/class-wp-job-manager-screening-questions-list-table-form-handler.php
@@ -142,15 +142,17 @@ public function process_bulk_action() {
             }
 
             $page_url = admin_url( 'admin.php?page=wp-job-manager-screening-questions' );
-            $delete_ids = $_POST['question_id'];
+            $delete_ids = isset( $_POST['question_id'] ) ? $_POST['question_id'] : array( );
 
-            if ( count( $delete_ids ) ) {
-                foreach ( $delete_ids as $id ) {
-                    $question_id = intval( $id );
+            if ( ! $delete_ids ) {
+                return;
+            }
+
+            foreach ( $delete_ids as $id ) {
+                $question_id = intval( $id );
 
-                    if ( $question_id > 0 ) {
-                        wpjmsq_delete_question( $question_id );
-                    }
+                if ( $question_id > 0 ) {
+                    wpjmsq_delete_question( $question_id );
                 }
             }
 
