
Changeset 2747284


Timestamp:
06/23/2022 08:13:36 PM (4 years ago)
Author:
lddwebdesign
Message:

3.1 release

Location:
ldd-directory-lite/trunk/includes/admin
Files:
2 edited

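--- a/ldd-directory-lite/trunk/includes/admin/register-settings.php
+++ b/ldd-directory-lite/trunk/includes/admin/register-settings.php
@@ -672,8 +672,8 @@
     }
 
-    parse_str($_POST['_wp_http_referer'], $referrer);
+    parse_str(sanitize_url($_POST['_wp_http_referer']), $referrer);
 
     $settings = ldl_get_registered_settings();
-    $tab = isset($referrer['tab']) ? $referrer['tab'] : 'general';
+    $tab = isset($referrer['tab']) ? sanitize_text_field($referrer['tab']) : 'general';
 
     $input = $input ? $input : array();
@@ -875,6 +875,14 @@
     $html = '<input type="checkbox" id="lddlite_settings[' . $args['id'] . ']" name="lddlite_settings[' . $args['id'] . ']" value="1" ' . $checked . '>';
     $html .= '<label for="lddlite_settings[' . $args['id'] . ']"> ' . $args['desc'] . '</label>';
-
-    echo $html;
+$allowed_html = array(
+        'input' => array(
+        'type' => array(),
+        'id' => array(),
+        'name' => array(),
+        'value' => array(),
+        'checked' => array(),
+
+    ));
+    echo wp_kses($html,$allowed_html);
 }
 
@@ -882,4 +890,6 @@
 function ldl_multicheck_callback($args)
 {
+   
+    $html = '';
 
     if (!empty($args['options'])) {
@@ -890,9 +900,20 @@
                 $enabled = null;
             }
-            echo '<input name="lddlite_settings[' . $args['id'] . '][' . $key . ']" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="checkbox" value="' . $option . '" ' . checked($option, $enabled, FALSE) . '>&nbsp;';
-            echo '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label><br/>';
+            $html .= '<input name="lddlite_settings[' . $args['id'] . '][' . $key . ']" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="checkbox" value="' . $option . '" ' . checked($option, $enabled, FALSE) . '>&nbsp;';
+            $html .= '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label><br/>';
         endforeach;
-        echo '<p class="description">' . $args['desc'] . '</p>';
+        $html .= '<p class="description">' . wp_kses_post($args['desc']) . '</p>';
     }
+   
+    $allowed_html = array(
+        'input' => array(
+        'type' => array(),
+        'id' => array(),
+        'name' => array(),
+        'checked' => array(),
+        'value' => array(),
+        ),'p'=> array()
+        );
+echo wp_kses($html, $allowed_html);
 }
 
@@ -900,5 +921,5 @@
 function ldl_radio_callback($args)
 {
-
+    $html = '';
     foreach ($args['options'] as $key => $option) :
         $checked = FALSE;
@@ -909,9 +930,20 @@
             $checked = TRUE;
 
-        echo '<input name="lddlite_settings[' . $args['id'] . ']"" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="radio" value="' . $key . '" ' . checked(TRUE, $checked, FALSE) . '>&nbsp;';
-        echo '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label><br/>';
+       $html .= '<input name="lddlite_settings[' . $args['id'] . ']"" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="radio" value="' . $key . '" ' . checked(TRUE, $checked, FALSE) . '> ';
+        $html .= '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label><br/>';
     endforeach;
 
-    echo '<p class="description">' . $args['desc'] . '</p>';
+    $html .= '<p class="description">' . wp_kses_post($args['desc']) . '</p>';
+   
+    $allowed_html = array(
+        'input' => array(
+        'type' => array(),
+        'id' => array(),
+        'name' => array(),
+        'checked' => array(),
+        'value' => array(),
+        ),'p'=> array()
+        );
+echo wp_kses($html, $allowed_html);
 }
 
@@ -919,4 +951,5 @@
 {
 
+    $html = '';
     foreach ($args['options'] as $key => $option) :
         $checked = FALSE;
@@ -927,12 +960,26 @@
             $checked = TRUE;
 
-        echo "<div style='display:inline-block;'>";
-        echo '<input name="lddlite_settings[' . $args['id'] . ']"" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="radio" value="' . $key . '" ' . checked(TRUE, $checked, FALSE) . '>&nbsp;';
-        echo '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label>&nbsp&nbsp';
-        echo "</div>";
+        //$html .= "<div style='display:inline-block;'>";
+       $html .=  '<input name="lddlite_settings[' . $args['id'] . ']" id="lddlite_settings[' . $args['id'] . '][' . $key . ']" type="radio" value="' . $key . '" ' . checked(TRUE, $checked, FALSE).'>' ;
+        $html .=  '<label for="lddlite_settings[' . $args['id'] . '][' . $key . ']">' . $option . '</label> ';
+       // $html .= "</div>";
 
     endforeach;
 
-    echo '<p class="description">' . $args['desc'] . '</p>';
+    $html .=  '<p class="description">' . $args['desc'] . '</p>';
+   
+    $allowed_html = array(
+        'input' => array(
+        'type' => array(),
+        'id' => array(),
+        'name' => array(),
+        'checked' => array(),
+        'value' => array(),
+        ),'p'=> array()
+        );
+echo wp_kses($html, $allowed_html);
+//echo $html;
+   
+   
 }
 
@@ -949,5 +996,12 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+   $allowed_html = array(
+'input' => array(
+'type' => array(),
+'id' => array(),
+'name' => array(),
+'name' => array(),
+'value' => array(),
+) ,'p'=> array()); echo wp_kses($html,$allowed_html);
 }
 function ldl_hidden_callback($args)
@@ -961,7 +1015,15 @@
     $size = (isset($args['size']) && !is_null($args['size'])) ? $args['size'] : 'regular';
     $html = '<input type="hidden" class="' . $size . '-text" id="lddlite_settings[' . $args['id'] . ']" name="lddlite_settings[' . $args['id'] . ']" value="' . esc_attr(stripslashes($value)) . '">';
-    $html .= '<p class="description"> ' . $args['desc'] . '</p>';
-
-    echo $html;
+    $html .= '<p class="description"> ' . wp_kses_post($args['desc']) . '</p>';
+   
+
+       $allowed_html = array(
+'input' => array(
+'type' => array(),
+'id' => array(),
+'name' => array(),
+'name' => array(),
+'value' => array(),
+) ,'p'=> array()); echo wp_kses($html,$allowed_html);
 }
 
@@ -985,5 +1047,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
 }
 
@@ -1002,6 +1064,15 @@
     }
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
-
-    echo $html;
+   
+       $allowed_html = array(
+'input' => array(
+'type' => array(),
+'id' => array(),
+'name' => array(),
+'name' => array(),
+'value' => array(),
+) ,'p'=> array()); echo wp_kses($html,$allowed_html);
+
+   
 }
 
@@ -1024,5 +1095,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
    
 }
@@ -1045,5 +1116,12 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+       $allowed_html = array(
+'input' => array(
+'type' => array(),
+'id' => array(),
+'name' => array(),
+'name' => array(),
+'value' => array(),
+) ,'p'=> array()); echo wp_kses($html,$allowed_html);
 }
 
@@ -1061,5 +1139,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
 }
 
@@ -1077,5 +1155,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
 }
 
@@ -1126,5 +1204,18 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+       $allowed_html = array(
+'select' => array(
+
+'id' => array(),
+'name' => array(),
+'name' => array(),
+'value' => array(),
+),
+'option' => array( 'value' => array(),
+'selected' => array()
+)
+,'p'=> array()
+); echo wp_kses($html,$allowed_html);
+
 }
 
@@ -1145,5 +1236,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
 }
 
@@ -1162,5 +1253,5 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+    echo wp_kses_post($html);
 }
 
@@ -1180,5 +1271,18 @@
     $html .= '<p class="description"> ' . $args['desc'] . '</p>';
 
-    echo $html;
+       $allowed_html = array(
+
+'button' => array(
+'type' => array(),
+'id' => array(),
+'aria-expanded' => array(),
+'style' => array(),
+),
+'div' => array(),
+'span' => array( 'class' => array()),
+);
+ //echo wp_kses($html,$allowed_html);
+ echo $html;
+
 }
 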
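Review bot: In the last hunk (new lines 1273–1286) the `wp_kses($html,$allowed_html)` call is commented out and a raw `echo $html;` is kept, so the allow-list built just above it is dead code and this is the only callback in the changeset that still prints its markup unfiltered. If the filter was switched off because it removed attributes the control needs (the list allows no `class` on `button` or `div`; the start of the function is outside the hunk, so this is a guess), widen the list rather than bypass it, and at minimum wrap the description as the other callbacks do: `$html .= '<p class="description"> ' . wp_kses_post($args['desc']) . '</p>';`. The allow-lists in the earlier hunks likewise omit `label`, `br` and `class`, so `wp_kses()` will drop the `<label>` elements and the `description` class those callbacks build; escaping each value where it is concatenated (`esc_attr()` for attribute values, `esc_html()` for label text) would avoid both problems.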
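--- a/ldd-directory-lite/trunk/includes/admin/setup.php
+++ b/ldd-directory-lite/trunk/includes/admin/setup.php
@@ -42,7 +42,10 @@
  */
 function ldl_action_admin_menu_icon() {
-    echo "\n\t<style>";
-    echo '#adminmenu .menu-icon-' . LDDLITE_POST_TYPE . ' div.wp-menu-image:before { content: \'\\f307\'; }';
-    echo '</style>';
+    $html = "\n\t<style>";
+    $html .= '#adminmenu .menu-icon-' . LDDLITE_POST_TYPE . ' div.wp-menu-image:before { content: \'\\f307\'; }';
+    $html .= '</style>';
+    $allowed = array(
+    'style' => array());
+    echo wp_kses($html , $allowed);
 }
 add_action('admin_head', 'ldl_action_admin_menu_icon');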
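Review bot: `wp_kses()` with `'style' => array()` (new lines 47–49) only decides that the `<style>` tag may stay; it does not parse or validate the CSS between the tags, so it adds no protection for the one dynamic part, `LDDLITE_POST_TYPE`. Because that constant ends up inside a class selector, sanitising it where it is concatenated is the more direct hardening: `$html .= '#adminmenu .menu-icon-' . sanitize_html_class(LDDLITE_POST_TYPE) . ' div.wp-menu-image:before { content: \'\\f307\'; }';`. A short comment saying the rest of the string is a fixed literal would also tell the next reader why nothing else needs escaping.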