asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape input values when importing

Browse Source
This commit is contained in:
Brian Miyaji
2015-10-05 12:26:31 +11:00
parent 46426eea17
commit 0b8edb70a3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
includes/admin/importers/class-sp-importer.php
View File

@@ -152,7 +152,7 @@ if ( class_exists( 'WP_Importer' ) ) {
<tr> <tr>
<?php $index = 0; foreach ( $this->columns as $key => $label ): $value = sp_array_value( $row, $index ); ?> <?php $index = 0; foreach ( $this->columns as $key => $label ): $value = sp_array_value( $row, $index ); ?>
<td> <td>
<input type="text" class="widefat" value="<?php echo $value; ?>" name="sp_import[]"> <input type="text" class="widefat" value="<?php echo esc_attr( $value ); ?>" name="sp_import[]">
</td> </td>
<?php $index ++; endforeach; ?> <?php $index ++; endforeach; ?>
<td class="sp-actions-column"> <td class="sp-actions-column">