asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escaping vars from class-sp-ajax, class-sp-settings-status, class-sp-template-loader, class-sp-admin-dashboard and class-sp-widget-birthdays

Browse Source
This commit is contained in:
Savvas Hadjigeorgiou
2021-11-09 08:24:23 +02:00
parent 716456c1de
commit e58beb1201
5 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
includes/class-sp-ajax.php
View File

@@ -634,7 +634,7 @@ class SP_AJAX {
$field_id = 'columns';
?>
<?php foreach ( $the_columns as $key => $label ): ?>
<label class="button"><input name="<?php echo $field_name; ?>" type="checkbox" id="<?php echo $field_id . '-' . $key; ?>" value="<?php echo $key; ?>" checked="checked"><?php echo esc_html( $label ); ?></label>
<label class="button"><input name="<?php echo esc_attr( $field_name ); ?>" type="checkbox" id="<?php echo esc_attr( $field_id ) . '-' . esc_attr( $key ); ?>" value="<?php echo esc_attr( $key ); ?>" checked="checked"><?php echo esc_html( $label ); ?></label>
<?php endforeach; ?>
</p>
<p>
@@ -898,7 +898,7 @@ class SP_AJAX {
$field_id = 'columns';
?>
<?php foreach ( $the_columns as $column ): ?>
<label class="button"><input name="<?php echo $field_name; ?>" type="checkbox" id="<?php echo $field_id . '-' . esc_attr( $column->post_name ); ?>" value="<?php echo esc_attr( $column->post_name ); ?>" checked="checked"><?php echo esc_html( $column->post_title ); ?></label>
<label class="button"><input name="<?php echo esc_attr( $field_name ); ?>" type="checkbox" id="<?php echo esc_attr( $field_id ) . '-' . esc_attr( $column->post_name ); ?>" value="<?php echo esc_attr( $column->post_name ); ?>" checked="checked"><?php echo esc_html( $column->post_title ); ?></label>
<?php endforeach; ?>
</p>
<p>
@@ -1152,7 +1152,7 @@ class SP_AJAX {
<label class="button"><input name="columns[]" type="checkbox" id="columns-team" value="team" checked="checked"><?php _e( 'Team', 'sportspress' ); ?></label>
<label class="button"><input name="columns[]" type="checkbox" id="columns-position" value="position" checked="checked"><?php _e( 'Position', 'sportspress' ); ?></label>
<?php foreach ( $the_columns as $column ): ?>
<label class="button"><input name="<?php echo $field_name; ?>" type="checkbox" id="<?php echo $field_id . '-' . esc_attr( $column->post_name ); ?>" value="<?php echo esc_attr( $column->post_name ); ?>" checked="checked"><?php echo esc_html( $column->post_title ); ?></label>
<label class="button"><input name="<?php echo esc_attr( $field_name ); ?>" type="checkbox" id="<?php echo esc_attr( $field_id ) . '-' . esc_attr( $column->post_name ); ?>" value="<?php echo esc_attr( $column->post_name ); ?>" checked="checked"><?php echo esc_html( $column->post_title ); ?></label>
<?php endforeach; ?>
</p>
<p>