From ff47d1976b7199d896678a1142a6f775197a42e4 Mon Sep 17 00:00:00 2001
From: Brian Miyaji
Date: Sat, 6 Nov 2021 11:07:36 +0900
Subject: [PATCH] Add sanitization to player meta boxes
---
 .../meta-boxes/class-sp-meta-box-player-columns.php | 2 +-
 .../meta-boxes/class-sp-meta-box-player-details.php | 10 +++++-----
 .../meta-boxes/class-sp-meta-box-player-metrics.php | 2 +-
 .../meta-boxes/class-sp-meta-box-player-statistics.php | 4 ++--
 4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-columns.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-columns.php
index 475e9e7a..0047a46e 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-columns.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-columns.php
@@ -43,6 +43,6 @@ class SP_Meta_Box_Player_Columns {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_columns', sp_array_value( $_POST, 'sp_columns', array() ) );
+ update_post_meta( $post_id, 'sp_columns', sp_array_value( $_POST, 'sp_columns', array(), 'key' ) );
 }
 }
\ No newline at end of file
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-details.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-details.php
index e96e97d9..8574e48f 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-details.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-details.php
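Review bot: `save()` in class-sp-meta-box-player-columns.php writes `$_POST['sp_columns']` to post meta with no nonce or capability check anywhere in its body, and its docblock says only "Save meta box data". That check is presumably made by whatever dispatches the meta box save handlers, which is outside this patch; the docblock should record the precondition, for example `* Expects the caller to have verified the meta box nonce and the user's permission to edit $post_id.` The same applies to the `save()` methods in the other three files of this commit. It would also help to state what the `'key'` filter does when the value is an array, since the default here is `array()` and the definition of `sp_array_value()` is not part of the diff.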
@@ -178,10 +178,10 @@ class SP_Meta_Box_Player_Details {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_number', esc_attr( sp_array_value( $_POST, 'sp_number', '' ) ) );
- sp_update_post_meta_recursive( $post_id, 'sp_nationality', sp_array_value( $_POST, 'sp_nationality', array() ) );
- sp_update_post_meta_recursive( $post_id, 'sp_current_team', sp_array_value( $_POST, 'sp_current_team', array() ) );
- sp_update_post_meta_recursive( $post_id, 'sp_past_team', sp_array_value( $_POST, 'sp_past_team', array() ) );
- sp_update_post_meta_recursive( $post_id, 'sp_team', array_merge( array( sp_array_value( $_POST, 'sp_current_team', array() ) ), sp_array_value( $_POST, 'sp_past_team', array() ) ) );
+ update_post_meta( $post_id, 'sp_number', esc_attr( sp_array_value( $_POST, 'sp_number', '', 'text' ) ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_nationality', sp_array_value( $_POST, 'sp_nationality', array(), 'text' ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_current_team', sp_array_value( $_POST, 'sp_current_team', array(), 'int' ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_past_team', sp_array_value( $_POST, 'sp_past_team', array(), 'int' ) );
+ sp_update_post_meta_recursive( $post_id, 'sp_team', array_merge( array( sp_array_value( $_POST, 'sp_current_team', array(), 'int' ) ), sp_array_value( $_POST, 'sp_past_team', array() ) ) );
 }
 }
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-metrics.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-metrics.php
index b838cfb2..5d9e1367 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-metrics.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-metrics.php
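Review bot: The last added line of the class-sp-meta-box-player-details.php hunk still reads the past teams with `sp_array_value( $_POST, 'sp_past_team', array() )`, with no filter argument, so the `sp_team` meta is built from unsanitized request data even though the `sp_past_team` write one line earlier now uses `'int'`. The second operand of the `array_merge()` should carry the same filter: `sp_array_value( $_POST, 'sp_past_team', array(), 'int' )`. Separately, `esc_attr()` around `sp_number` is an output-escaping function applied at storage time; with the `'text'` filter added it looks redundant, and escaping is better done where the value is printed.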
@@ -48,6 +48,6 @@ class SP_Meta_Box_Player_Metrics {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_metrics', sp_array_value( $_POST, 'sp_metrics', array() ) );
+ update_post_meta( $post_id, 'sp_metrics', sp_array_value( $_POST, 'sp_metrics', array(), 'text' ) );
 }
 }
\ No newline at end of file
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-statistics.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-statistics.php
index a6b4e5da..efa78652 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-statistics.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-player-statistics.php
@@ -85,8 +85,8 @@ class SP_Meta_Box_Player_Statistics {
 * Save meta box data
 */
 public static function save( $post_id, $post ) {
- update_post_meta( $post_id, 'sp_leagues', sp_array_value( $_POST, 'sp_leagues', array() ) );
- update_post_meta( $post_id, 'sp_statistics', sp_array_value( $_POST, 'sp_statistics', array() ) );
+ update_post_meta( $post_id, 'sp_leagues', sp_array_value( $_POST, 'sp_leagues', array(), 'int' ) );
+ update_post_meta( $post_id, 'sp_statistics', sp_array_value( $_POST, 'sp_statistics', array(), 'text' ) );
 }
 
 /**
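Review bot: The `'text'` and `'int'` filters on `sp_metrics`, and in class-sp-meta-box-player-statistics.php on `sp_leagues` and `sp_statistics`, are applied to values whose default is `array()`, and nothing in this patch shows whether `sp_array_value()` sanitizes every element or recurses into nested arrays. If the helper filters only a scalar, these calls would either leave posted arrays unchanged or collapse them, so the behaviour should be confirmed and recorded next to the calls, for example `// sp_array_value() applies the filter to every leaf of the posted array.` The array keys are stored as well and are presumably not touched by a value filter, which is worth checking wherever those keys are later printed.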