Changeset 2718709
- Timestamp:
- 05/05/2022 04:21:12 PM (4 years ago)
- Location:
- stafflist/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (1 diff)
-
stafflist.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
stafflist/trunk/readme.txt
r2717317 r2718709 103 103 104 104 == Changelog == 105 106 = 3.1.7 = 107 * Another security patch for admin pager, as suggested by Erwan Le Rousseau (thank you); 108 105 109 = 3.1.6 = 106 110 * Added wp_nonce_url and check_admin_referer to admin delete record feature to defend against CSRF, as suggested by Hassan Khan Yusufzai (thank you); -
stafflist/trunk/stafflist.php
r2717317 r2718709 4 4 Plugin URI: http://wordpress.org/plugins/stafflist/ 5 5 Description: A super simplified staff directory tool 6 Version: 3.1. 66 Version: 3.1.7 7 7 Author: era404 8 8 Author URI: http://www.era404.com … … 289 289 290 290 global $stafflisturl; 291 $stafflisturl = STAFFLIST_URL . ($w ? "&search= {$w}" : "") . ($s ? "&s={$s}": "");291 $stafflisturl = STAFFLIST_URL . ($w ? "&search=".esc_attr($w) : "") . ($s ? "&s=".esc_attr($s) : ""); 292 292 echo renderAdminPager($pg); 293 293
Note: See TracChangeset
for help on using the changeset viewer.