I was wondering if it would be possible to prevent url parameters from being read and used via PHP, specifically with Wordpress and Woocommerce.
The best example I can give is as follows, for a domain with wordpress and woocommerce installed, the following URL will add the appropriate product (with product id 999) to cart instantly:
www.example.com/?add-to-cart=999
I would like to prevent this parameter from being read if possible. All assistance is appreciated.
Alright, solved it, sort of. No GET Requests will go through on that particular parameter.
Edit class-wc-form-handler.php (found within the woocommerce/includes directory where your wordpress plugins are found) as follows:
find the function add_to_cart_action and add the following directly under the method declaration:
if ( $_SERVER['REQUEST_METHOD'] == 'GET'){
return;
}
All done, probably not the best answer, but it gets the job done.