asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape output vars of includes files (#1)

Browse Source
This commit is contained in:
savvasha
2021-11-06 12:34:49 +02:00
parent 0c9a9dc104
commit e24a9fa4eb
4 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/class-sp-countries.php
View File

@@ -748,9 +748,9 @@ class SP_Countries {
public function country_dropdown_options( $selected_country = '', $escape = false ) {
if ( $this->continents ) foreach ( $this->continents as $continent => $countries ):
?>
<optgroup label="<?php echo $continent; ?>">
<optgroup label="<?php echo esc_attr( $continent ); ?>">
<?php foreach ( $countries as $code => $country ): ?>
<option value="<?php echo $code; ?>" <?php selected ( $selected_country, $code ); ?>><?php echo $country; ?></option>
<option value="<?php echo esc_attr( $code ); ?>" <?php selected ( $selected_country, $code ); ?>><?php echo esc_html( $country ); ?></option>
<?php endforeach; ?>
</optgroup>
<?php