asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanitize input fields in setup wizard

Browse Source
This commit is contained in:
Brian Miyaji
2021-11-05 23:33:24 +09:00
parent f3ee15c627
commit f55c0cbd7c
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
includes/admin/class-sp-admin-setup-wizard.php
View File

@@ -474,7 +474,7 @@ class SP_Admin_Setup_Wizard {
$id = wp_insert_post( $post ); $id = wp_insert_post( $post );
// Add squad number // Add squad number
$number = sp_array_value( $player, 'number' ); $number = sanitize_text_field( sp_array_value( $player, 'number' ) );
update_post_meta( $id, 'sp_number', $number ); update_post_meta( $id, 'sp_number', $number );
// Add position // Add position
@@ -573,9 +573,9 @@ class SP_Admin_Setup_Wizard {
} }
$meta = array( $meta = array(
'sp_address' => sp_array_value( $_POST, 'address' ), 'sp_address' => sanitize_text_field( sp_array_value( $_POST, 'address' ) ),
'sp_latitude' => sp_array_value( $_POST, 'latitude' ), 'sp_latitude' => sanitize_text_field( sp_array_value( $_POST, 'latitude' ) ),
'sp_longitude' => sp_array_value( $_POST, 'longitude' ), 'sp_longitude' => sanitize_text_field( sp_array_value( $_POST, 'longitude' ) ),
); );
update_option( "taxonomy_$t_id", $meta ); update_option( "taxonomy_$t_id", $meta );
} }