From 8f1becc68fa5326b293d8553b8c347f4de66d506 Mon Sep 17 00:00:00 2001
From: Brian Miyaji
Date: Sat, 6 Nov 2021 00:51:32 +0900
Subject: [PATCH 1/3] Sanitization should be key
---
 .../meta-boxes/class-sp-meta-box-event-performance.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-event-performance.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-event-performance.php
index 1a6098d0..ecfd3c1f 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-event-performance.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-event-performance.php
@@ -75,7 +75,7 @@ class SP_Meta_Box_Event_Performance {
 update_post_meta( $post_id, 'sp_stars', sp_array_value( $_POST, 'sp_stars', array(), 'text' ) );
 if ( isset( $_POST['sp_columns'] ) ) {
- $columns = array_filter( (array) sp_array_value( $_POST, 'sp_columns', array(), 'text' ) );
+ $columns = array_filter( (array) sp_array_value( $_POST, 'sp_columns', array(), 'key' ) );
 update_post_meta( $post_id, 'sp_columns', $columns );
 }
 }
From f84beeb71acab0bfe1d14f3f8b7b1403c7029254 Mon Sep 17 00:00:00 2001
From: Brian Miyaji
Date: Sat, 6 Nov 2021 00:51:55 +0900
Subject: [PATCH 2/3] Fix warning when viewing template order for the first time
---
 includes/admin/settings/class-sp-settings-page.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/includes/admin/settings/class-sp-settings-page.php b/includes/admin/settings/class-sp-settings-page.php
index ba7d2d4a..b951dc8e 100644
--- a/includes/admin/settings/class-sp-settings-page.php
+++ b/includes/admin/settings/class-sp-settings-page.php
@@ -101,7 +101,7 @@ class SP_Settings_Page {
 $layout = array_keys( $templates );
 }
- $templates = array_merge( array_flip( $layout ), $templates );
+ $templates = array_merge( array_flip( (array) $layout ), $templates );
 $slice = array_search( 'tabs', array_keys( $templates ) );
 if ( $slice ) {
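Review bot: The `'key'` mode on the changed `$columns` line in class-sp-meta-box-event-performance.php may rewrite column identifiers rather than only reject bad ones. `sp_array_value()` is not shown on this page, but if that mode maps to WordPress `sanitize_key()`, it lowercases the value and drops every character outside `a-z0-9_-`, so a column slug stored percent-encoded or with other characters would be saved under a different name and stop matching. A comment such as `// 'key' assumes column slugs are always [a-z0-9_-]; confirm before relying on it` would record the assumption, and validating the posted values against the known column list would be stricter still. The same applies to the `'key'` argument added in class-sp-meta-box-team-columns.php; the enclosing save method here starts outside the hunk.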
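Review bot: The `(array) $layout` cast on the changed `array_merge` line (hunk @@ -101,7 in class-sp-settings-page.php) turns a non-array scalar into a one-element array rather than an empty one, so `array_flip()` can still receive a value it cannot flip. `(array) false` is `array( false )`, which still raises a warning because only string and integer values can be flipped, and `(array) ''` adds an empty-string key to `$templates`; only `null` casts to an empty array. Where `$layout` is read from is outside the hunk, so which of these occurs on first view is an inference. A guard before the merge, `$layout = is_array( $layout ) ? $layout : array();`, covers all three cases, and the identical line in the second hunk of this file (@@ -155,7) needs the same change.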
@@ -155,7 +155,7 @@ class SP_Settings_Page {
 $layout = array_keys( $templates );
 }
- $templates = array_merge( array_flip( $layout ), $templates );
+ $templates = array_merge( array_flip( (array) $layout ), $templates );
 $slice = array_search( 'tabs', array_keys( $templates ) );
 if ( $slice ) {
From 8f075ccf98c40eac1b514a93bdf6438cfe3d2fc6 Mon Sep 17 00:00:00 2001
From: Brian Miyaji
Date: Sat, 6 Nov 2021 00:52:16 +0900
Subject: [PATCH 3/3] Add sanitization to team meta boxes
---
 .../meta-boxes/class-sp-meta-box-team-columns.php | 2 +-
 .../meta-boxes/class-sp-meta-box-team-details.php | 8 ++++----
 .../meta-boxes/class-sp-meta-box-team-lists.php | 2 +-
 .../meta-boxes/class-sp-meta-box-team-staff.php | 2 +-
 .../meta-boxes/class-sp-meta-box-team-tables.php | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-columns.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-columns.php
index 02893530..e8c297fa 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-columns.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-columns.php
@@ -45,7 +45,7 @@ class SP_Meta_Box_Team_Columns {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_columns', sp_array_value( $_POST, 'sp_columns', array() ) );
+ update_post_meta( $post_id, 'sp_columns', sp_array_value( $_POST, 'sp_columns', array(), 'key' ) );
 }
 /**
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-details.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-details.php
index 646fb2ae..c72e0700 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-details.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-details.php
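Review bot: The docblock on `save()` in class-sp-meta-box-team-columns.php says only "Save meta box data", while the method writes `$_POST['sp_columns']` to post meta with no nonce or capability check of its own. If the caller verifies both before dispatching to the meta box classes, which this page does not show, that precondition should be recorded where the write happens, for example `* Expects the caller to have verified the save nonce and the current user's permission to edit $post_id.` The same one-line docblock sits on the `save()` methods changed in the team-details, team-lists, team-staff and team-tables files.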
@@ -124,9 +124,9 @@ class SP_Meta_Box_Team_Details {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_url', esc_url( sp_array_value( $_POST, 'sp_url', '' ) ) );
- update_post_meta( $post_id, 'sp_redirect', sp_array_value( $_POST, 'sp_redirect', 0 ) );
- update_post_meta( $post_id, 'sp_short_name', esc_attr( sp_array_value( $_POST, 'sp_short_name', '' ) ) );
- update_post_meta( $post_id, 'sp_abbreviation', esc_attr( sp_array_value( $_POST, 'sp_abbreviation', '' ) ) );
+ update_post_meta( $post_id, 'sp_url', esc_url( sp_array_value( $_POST, 'sp_url', '', 'text' ) ) );
+ update_post_meta( $post_id, 'sp_redirect', sp_array_value( $_POST, 'sp_redirect', 0, 'int' ) );
+ update_post_meta( $post_id, 'sp_short_name', esc_attr( sp_array_value( $_POST, 'sp_short_name', '', 'text' ) ) );
+ update_post_meta( $post_id, 'sp_abbreviation', esc_attr( sp_array_value( $_POST, 'sp_abbreviation', '', 'text' ) ) );
 }
 }
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
index 75ea8c21..875a0dff 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
@@ -38,7 +38,7 @@ class SP_Meta_Box_Team_Lists {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- sp_update_post_meta_recursive( $post_id, 'sp_list', sp_array_value( $_POST, 'sp_list', array() ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_list', sp_array_value( $_POST, 'sp_list', array(), 'int' ) );
 }
 /**
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-staff.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-staff.php
index edba2f55..1d739398 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-staff.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-staff.php
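Review bot: `esc_url()` and `esc_attr()` on the new `sp_url`, `sp_short_name` and `sp_abbreviation` lines in class-sp-meta-box-team-details.php are output-escaping functions, so the values are stored HTML-entity-encoded (an `&` in a URL is saved as `&#038;`), and consumers that expect raw text, such as an export or an API response, would see the entities. For storage WordPress provides `esc_url_raw()`, e.g. `update_post_meta( $post_id, 'sp_url', esc_url_raw( sp_array_value( $_POST, 'sp_url', '' ) ) );`, and the two name fields can be stored after the `'text'` pass alone and escaped where they are printed. `sp_array_value()` is not visible here, but if `'text'` maps to `sanitize_text_field()` it also strips percent-encoded octets, which would alter a URL before `esc_url()` sees it.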
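Review bot: The `'int'` mode added on the `sp_list` line in class-sp-meta-box-team-lists.php is applied to a field whose default is `array()` and which is passed to `sp_update_post_meta_recursive()`, so the posted value is presumably an array, and nothing on this page shows that `sp_array_value()` sanitizes arrays element by element. A plain integer cast of a non-empty array yields `1`, which would replace the whole list with a single wrong ID, so it is worth confirming that the helper recurses. If the list is flat, the intent can be made explicit with `array_map( 'absint', (array) sp_array_value( $_POST, 'sp_list', array() ) )`. The same question applies to `sp_staff` in class-sp-meta-box-team-staff.php, and `sp_table` in class-sp-meta-box-team-tables.php gets `'text'` where `'int'` would be tighter if it holds post IDs like the other two.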
@@ -38,7 +38,7 @@ class SP_Meta_Box_Team_Staff {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- sp_update_post_meta_recursive( $post_id, 'sp_staff', sp_array_value( $_POST, 'sp_staff', array() ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_staff', sp_array_value( $_POST, 'sp_staff', array(), 'int' ) );
 }
 /**
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-tables.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-tables.php
index 106b2dc8..916fce61 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-tables.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-tables.php
@@ -38,7 +38,7 @@ class SP_Meta_Box_Team_Tables {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- sp_update_post_meta_recursive( $post_id, 'sp_table', sp_array_value( $_POST, 'sp_table', array() ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_table', sp_array_value( $_POST, 'sp_table', array(), 'text' ) );
 }
 /**