WordPress.org
Get WordPress

Plugin Directory

Changeset 1132642


Ignore:
Timestamp:
04/11/2015 08:58:21 AM (11 years ago)
Author:
M66B
Message:

Fixed XSS vulnerability

File:
1 edited

Legend:

Unmodified
Added
Removed

  • add-link-to-facebook/trunk/add-link-to-facebook-class.php

    r1083673 r1132642  
    459459
    460460            // Update user options
    461             update_user_meta($user_ID, c_al2fb_meta_client_id, $_POST[c_al2fb_meta_client_id]);
    462             update_user_meta($user_ID, c_al2fb_meta_app_secret, $_POST[c_al2fb_meta_app_secret]);
     461            update_user_meta($user_ID, c_al2fb_meta_client_id, sanitize_text_field($_POST[c_al2fb_meta_client_id]));
     462            update_user_meta($user_ID, c_al2fb_meta_app_secret, sanitize_text_field($_POST[c_al2fb_meta_app_secret]));
    463463            update_user_meta($user_ID, c_al2fb_meta_picture_type, $_POST[c_al2fb_meta_picture_type]);
    464             update_user_meta($user_ID, c_al2fb_meta_picture, $_POST[c_al2fb_meta_picture]);
    465             update_user_meta($user_ID, c_al2fb_meta_picture_default, $_POST[c_al2fb_meta_picture_default]);
     464            update_user_meta($user_ID, c_al2fb_meta_picture, sanitize_text_field($_POST[c_al2fb_meta_picture]));
     465            update_user_meta($user_ID, c_al2fb_meta_picture_default, sanitize_text_field($_POST[c_al2fb_meta_picture_default]));
    466466            update_user_meta($user_ID, c_al2fb_meta_picture_size, $_POST[c_al2fb_meta_picture_size]);
    467             update_user_meta($user_ID, c_al2fb_meta_icon, $_POST[c_al2fb_meta_icon]);
     467            update_user_meta($user_ID, c_al2fb_meta_icon, sanitize_text_field($_POST[c_al2fb_meta_icon]));
    468468            update_user_meta($user_ID, c_al2fb_meta_page, $_POST[c_al2fb_meta_page]);
    469469            update_user_meta($user_ID, c_al2fb_meta_page_extra, $_POST[c_al2fb_meta_page_extra]);
Note: See TracChangeset for help on using the changeset viewer.