Changeset 1753559
- Timestamp:
- 10/26/2017 11:54:16 PM (8 years ago)
- Location:
- wp-iclew/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (1 diff)
-
wp-acobot.php (modified) (9 diffs)
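--- a/wp-iclew/trunk/readme.txt
+++ b/wp-iclew/trunk/readme.txt
@@ -75,4 +75,8 @@
 Do not show the Agent on posts/pages if the key is empty
 
+= 1.3 =
+
+Add security when reading options from database.
+
 == Learn More section ==
 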
wp-iclew/trunk/wp-acobot.php
r1753524 r1753559 4 4 Plugin URI: http://vavoomdesign.com/wordpress/scott/wp-acobot/ 5 5 Description: Add a sophisticated, customizable Agent to your pages with a shortcode. Powered by acobot 6 Version: 1. 26 Version: 1.3 7 7 Author: Scott Campbell 8 8 Author URI: http://vavoomdesign.com/wordpress/scott … … 74 74 private function add_acobot_script( $admin = false ) { 75 75 $url = self::ACOBOT_URL; 76 $key = get_option(self::OPT_KEY, '');76 $key = sanitize_text_field(get_option(self::OPT_KEY, '' )); 77 77 78 78 //if admin && no key, then use the REF_KEY … … 96 96 $js.= ' if( $("#aco-wrapper").length ) {'; 97 97 98 $setting = get_option(self::OPT_COLOR, '');98 $setting = sanitize_text_field(get_option(self::OPT_COLOR, '' )); 99 99 if( isset($setting) ) { 100 100 $js.= '$("body").append( "<style>.iclew-color{background-color:' . $setting . ';}</style>" );'; … … 102 102 103 103 // the image file name requires both tests, I couldn't figure out why 104 $setting = get_option(self::OPT_IMG, '');104 $setting = sanitize_text_field(get_option(self::OPT_IMG, '' )); 105 105 if( isset($setting) && !empty($setting) ) { 106 106 $js.= '$("#iclew-button-img").attr( "src","' . $setting . '").width(60);'; … … 129 129 public function run_acobot( $atts, $content='' ) { 130 130 // if enabled, then show the bot 131 $setting = get_option(self::OPT_ENB, '1');132 $key = get_option(self::OPT_KEY, '');131 $setting = sanitize_text_field(get_option(self::OPT_ENB, '1' )); 132 $key = sanitize_text_field(get_option(self::OPT_KEY, '' )); 133 133 134 134 if( (1 == $setting) && !empty($key) ) { … … 185 185 186 186 public function callback_acobot_key( $args ) { 187 $setting = get_option(self::OPT_KEY, '');187 $setting = sanitize_text_field(get_option(self::OPT_KEY, '' )); 188 188 ?> 189 189 <p><input type="text" name="<?= self::OPT_KEY ?>" size="30" value="<?= isset($setting) ? 
esc_attr($setting) : ''; ?>"> … … 193 193 194 194 public function callback_acobot_enb( $args ) { 195 $setting = get_option(self::OPT_ENB, '1');195 $setting = sanitize_text_field(get_option(self::OPT_ENB, '1' )); 196 196 ?> 197 197 <p><input type="checkbox" name="<?= self::OPT_ENB ?>" value="1" <? checked( '1', $setting ) ?>> … … 201 201 202 202 public function callback_acobot_color( $args ) { 203 $setting = get_option(self::OPT_COLOR, '');203 $setting = sanitize_text_field(get_option(self::OPT_COLOR, '' )); 204 204 ?> 205 205 <p><input type="text" name="<?= self::OPT_COLOR ?>" size="30" value="<?= isset($setting) ? esc_attr($setting) : ''; ?>"> … … 209 209 210 210 public function callback_acobot_img( $args ) { 211 $setting = get_option(self::OPT_IMG, '');211 $setting = sanitize_text_field(get_option(self::OPT_IMG, '' )); 212 212 ?> 213 213 <p><input type="text" name="<?= self::OPT_IMG ?>" size="30" value="<?= isset($setting) ? esc_attr($setting) : ''; ?>">
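Review bot: Wrapping `get_option()` in `sanitize_text_field()` does not make the values safe where `add_acobot_script()` concatenates them into the generated script (hunks at lines 96–106): the colour lands inside a double-quoted JavaScript string that holds a `<style>` element and the image setting inside a quoted `src` argument, and `sanitize_text_field()` strips tags and line breaks but leaves quotes and backslashes intact. Escape for the output context instead, e.g. `$js.= '$("#iclew-button-img").attr( "src","' . esc_js( esc_url( $setting ) ) . '").width(60);';` for the image and, if the colour field is meant to hold hex values only, `$setting = sanitize_hex_color( get_option( self::OPT_COLOR, '' ) );`. Text sanitising belongs at save time through a `sanitize_callback` on `register_setting()`; the registration is not visible on this page, so it may already be there. The `isset($setting)` tests are also always true after this change, since `sanitize_text_field()` returns a string, and the function bodies continue outside the hunks shown.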