WordPress.org
Get WordPress

Plugin Directory

Changeset 2944168


Ignore:
Timestamp:
07/27/2023 11:52:53 AM (3 years ago)
Author:
mannweb
Message:

Fixing potential XSS with setting inputs

File:
1 edited

Legend:

Unmodified
Added
Removed

  • simple-site-verify/trunk/simple-site-verify-settings.php

    r1946265 r2944168  
    8383    ?>
    8484
    85     <input type='text' name='ssv_settings[ssv_pinterest]' <?php if ( isset ( $options[ 'ssv_pinterest' ] ) ) echo 'value="' . $options[ 'ssv_pinterest' ] . '"'; ?> id="pinterest" /><br />
     85    <input type='text' name='ssv_settings[ssv_pinterest]' <?php if (isset($options['ssv_pinterest'])) echo 'value="' . htmlspecialchars($options['ssv_pinterest'], ENT_QUOTES) . '"'; ?> id="pinterest" /><br />
    8686This is your website's unique 32-character code. It is the code shown within content="" inside the meta tag given to you.
    8787
     
    9797    ?>
    9898
    99     <input type='text' name='ssv_settings[ssv_google]' <?php if ( isset ( $options[ 'ssv_google' ] ) ) echo 'value="' . $options[ 'ssv_google' ] . '"'; ?> id="google" /><br />Google Search Console/Google Apps. This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
     99    <input type='text' name='ssv_settings[ssv_google]' <?php if (isset($options['ssv_google'])) echo 'value="' . htmlspecialchars($options['ssv_google'], ENT_QUOTES) . '"'; ?> id="google" /><br />
     100    Google Search Console/Google Apps. This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
    100101
    101102    <?php
     
    110111    ?>
    111112
    112     <input type='text' name='ssv_settings[ssv_google_analytics]' <?php if ( isset ( $options[ 'ssv_google_analytics' ] ) ) echo 'value="' . $options[ 'ssv_google_analytics' ] . '"'; ?> id="google" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
     113    <input type='text' name='ssv_settings[ssv_google_analytics]' <?php if (isset($options['ssv_google_analytics'])) echo 'value="' . htmlspecialchars($options['ssv_google_analytics'], ENT_QUOTES) . '"'; ?> id="google-analytics" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
    113114
    114115    <?php
     
    123124    ?>
    124125
    125     <input type='text' name='ssv_settings[ssv_bing]' <?php if ( isset ( $options[ 'ssv_bing' ] ) ) echo 'value="' . $options[ 'ssv_bing' ] . '"'; ?> id="bing" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
     126    <input type='text' name='ssv_settings[ssv_bing]' <?php if (isset($options['ssv_bing'])) echo 'value="' . htmlspecialchars($options['ssv_bing'], ENT_QUOTES) . '"'; ?> id="bing" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
    126127
    127128    <?php
     
    136137    ?>
    137138
    138     <input type='text' name='ssv_settings[ssv_yandex]' <?php if ( isset ( $options[ 'ssv_yandex' ] ) ) echo 'value="' . $options[ 'ssv_yandex' ] . '"'; ?> id="yandex" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
     139    <input type='text' name='ssv_settings[ssv_yandex]' <?php if (isset($options['ssv_yandex'])) echo 'value="' . htmlspecialchars($options['ssv_yandex'], ENT_QUOTES) . '"'; ?> id="yandex" /><br />This is your website's unique code. It is the code shown within content="" inside the meta tag given to you.
     140
    139141
    140142    <?php
Note: See TracChangeset for help on using the changeset viewer.