From bd8777415c76794b1c20948c5856485936e0ecf3 Mon Sep 17 00:00:00 2001
From: Vitus Schuhwerk <vitus.schuhwerk@gmail.com>
Date: Sat, 6 Jul 2024 00:25:49 +0200
Subject: [PATCH] fix(acf-base.php): noces

In a recent security update ACF changed nonce handling for ajax-fields (the old way no longer works):
https://github.com/AdvancedCustomFields/acf/releases/tag/6.3.2
---
 fields/acf-base.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fields/acf-base.php b/fields/acf-base.php
index 433e2ab..3330414 100644
--- a/fields/acf-base.php
+++ b/fields/acf-base.php
@@ -43,7 +43,9 @@ function __construct() {
 	function ajax_query() {
 
 		// validate
-		if ( ! acf_verify_ajax() ) {
+		$nonce = acf_request_arg( 'nonce', '' );
+		$key   = acf_request_arg( 'field_key', '' );
+		if ( ! acf_verify_ajax( $nonce, $key ) ) {
 			die();
 		}
 
@@ -585,4 +587,4 @@ function input_admin_enqueue_scripts() {
 		// Enqueuing
 		wp_enqueue_script( 'acf-input-user-network' );
 	}
-}
\ No newline at end of file
+}