asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape output vars on Admin Dashboard

Browse Source
This commit is contained in:
Savvas Hadjigeorgiou
2021-11-05 13:20:56 +02:00
parent 0300ec6f87
commit 70eadf8ac0
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/admin/class-sp-admin-dashboard.php
View File

@@ -79,7 +79,7 @@ class SP_Admin_Dashboard {
<li class="countdown" data-countdown="<?php echo str_replace( '-', '/', get_gmt_from_date( $next_event->post_date ) ); ?>">
<a href="<?php echo get_edit_post_link( $next_event->ID ); ?>">
<?php printf( __( '<strong>%s</strong> until next event', 'sportspress' ), $interval->days . ' ' . __( 'days', 'sportspress' ) . ' ' . sprintf( '%02s:%02s:%02s', $interval->h, $interval->i, $interval->s ) ); ?>
(<?php echo $next_event->post_title; ?>)
(<?php echo esc_attr( $next_event->post_title ); ?>)
</a>
</li>
<?php endif; ?>
@@ -113,7 +113,7 @@ class SP_Admin_Dashboard {
<div class="rss-widget">
<ul>
<?php foreach ($rss_items as $item) { ?>
<li><a class="rsswidget" href="<?php echo $item->get_permalink(); ?>" target="_blank"><?php echo $item->get_title(); ?></a> <span class="rss-date"><?php echo $item->get_date('j F Y'); ?></span></li>
<li><a class="rsswidget" href="<?php echo esc_url( $item->get_permalink() ); ?>" target="_blank"><?php echo esc_attr( $item->get_title() ); ?></a> <span class="rss-date"><?php echo esc_attr( $item->get_date('j F Y') ); ?></span></li>
<?php } ?>
</ul>
</div>