Changeset 3260081
- Timestamp: 03/22/2025 03:13:50 PM (12 months ago)
- Location: sitekit
- Files: 23 added, 3 edited
  - tags/1.9 (added)
  - tags/1.9/.gitattributes (added)
  - tags/1.9/.gitignore (added)
  - tags/1.9/css (added)
  - tags/1.9/css/sitekit.css (added)
  - tags/1.9/inc (added)
  - tags/1.9/inc/sitekit-functions.php (added)
  - tags/1.9/inc/sitekit-settings.php (added)
  - tags/1.9/inc/sitekit-shortcode-archives.php (added)
  - tags/1.9/inc/sitekit-shortcode-bloginfo.php (added)
  - tags/1.9/inc/sitekit-shortcode-categories.php (added)
  - tags/1.9/inc/sitekit-shortcode-iframe.php (added)
  - tags/1.9/inc/sitekit-shortcode-menu.php (added)
  - tags/1.9/inc/sitekit-shortcode-posts.php (added)
  - tags/1.9/inc/sitekit-widget-archives.php (added)
  - tags/1.9/inc/sitekit-widget-categories.php (added)
  - tags/1.9/inc/sitekit-widget-posts.php (added)
  - tags/1.9/inc/sitekit-widget-search.php (added)
  - tags/1.9/js (added)
  - tags/1.9/js/tinymce.js (added)
  - tags/1.9/readme.txt (added)
  - tags/1.9/sitekit.php (added)
  - tags/1.9/todo.txt (added)
  - trunk/inc/sitekit-shortcode-menu.php (modified) (1 diff)
  - trunk/readme.txt (modified) (3 diffs)
  - trunk/sitekit.php (modified) (2 diffs)
sitekit/trunk/inc/sitekit-shortcode-menu.php
r3163729 r3260081 26 26 $atts = shortcode_atts( $defaults, $atts, 'sitekit_menu' ); 27 27 28 return wp_nav_menu( $atts ) . SITEKIT_PLUGIN_POWERED; 28 // Sanitize attributes to prevent XSS attacks 29 $safe_atts = array(); 30 31 // Sanitize text fields 32 $text_fields = array('menu', 'fallback_cb', 'walker'); 33 foreach ($text_fields as $field) { 34 $safe_atts[$field] = isset($atts[$field]) ? sanitize_text_field($atts[$field]) : ''; 35 } 36 37 // Sanitize HTML attributes that will appear as tag attributes 38 $html_attr_fields = array('container', 'container_class', 'container_id', 'menu_class', 'menu_id', 'before', 'after', 'link_before', 'link_after', 'items_wrap'); 39 foreach ($html_attr_fields as $field) { 40 if (isset($atts[$field])) { 41 if ($field === 'container') { 42 // Container should only accept specific valid values 43 $safe_atts[$field] = in_array($atts[$field], array('div', 'nav', '', false)) ? $atts[$field] : 'div'; 44 } elseif ($field === 'items_wrap') { 45 // Items wrap is a special case with a specific format 46 $safe_atts[$field] = sanitize_text_field($atts[$field]); 47 } else { 48 $safe_atts[$field] = sanitize_html_class($atts[$field]); 49 } 50 } else { 51 $safe_atts[$field] = ''; 52 } 53 } 54 55 // Handle numeric values 56 $safe_atts['depth'] = isset($atts['depth']) ? intval($atts['depth']) : 0; 57 $safe_atts['echo'] = isset($atts['echo']) ? (bool)$atts['echo'] : false; 58 59 return wp_nav_menu( $safe_atts ) . SITEKIT_PLUGIN_POWERED; 29 60 } 30 61 add_shortcode( 'sitekit_menu', 'sitekit_shortcode_menu' ); -
sitekit/trunk/readme.txt
r3163757 r3260081 4 4 Tags: widget, widgets, search, archive, archives, category, categories, pages, shortcode, shortcodes, bloginfo, iframe 5 5 Requires at least: 4.0 6 Tested up to: 6. 6.27 Stable tag: 1. 86 Tested up to: 6.7.2 7 Stable tag: 1.9 8 8 License: GPLv3 9 9 License URI: http://www.gnu.org/licenses/gpl.html … … 13 13 == Description == 14 14 15 * **[Advanced iFrame Pro](https://1.envato.market/KdRNz "Advanced iFrame Pro")**16 15 * **[Sitekit](http://web-profile.net/wordpress/plugins/sitekit/ "Plugin page")** 17 16 * **[Donate](http://web-profile.net/donate/ "Support the development")** … … 128 127 == Changelog == 129 128 129 = 1.9 = 130 * Sanitized [sitekit_menu] shortcode params. 131 130 132 = 1.8 = 131 133 * Added [sitekit_menu] shortcode. -
sitekit/trunk/sitekit.php
r3163729 r3260081 4 4 Plugin URI: https://wordpress.org/plugins/sitekit/ 5 5 Description: Widgets: search, archives, categories, pages, posts. Shortcodes: archives, bloginfo, categories, posts, custom menu. 6 Version: 1. 86 Version: 1.9 7 7 Author: webvitaly 8 8 Text Domain: sitekit … … 15 15 } 16 16 17 define('SITEKIT_PLUGIN_VERSION', '1. 8');17 define('SITEKIT_PLUGIN_VERSION', '1.9'); 18 18 define('SITEKIT_PLUGIN_POWERED', "\n".'<!-- Powered by Sitekit v.'.SITEKIT_PLUGIN_VERSION.' https://wordpress.org/plugins/sitekit/ -->'."\n"); 19 19
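Review bot: In sitekit/trunk/inc/sitekit-shortcode-menu.php, `fallback_cb` and `walker` in the `$text_fields` loop are only run through `sanitize_text_field()` and then handed to `wp_nav_menu()`, which treats `fallback_cb` as a callable to invoke when the menu cannot be found and `walker` as a Walker object, so string cleaning does not make either value safe to take from shortcode attributes. Stop accepting both from the shortcode (pass `'fallback_cb' => false` and leave `walker` unset), or map the attribute onto a fixed allowlist of known callbacks. Smaller points in the same hunk: `in_array($atts[$field], array('div', 'nav', '', false))` should pass `true` as the third argument so the comparison is strict; `sanitize_html_class()` is the wrong filter for `before`, `after`, `link_before` and `link_after`, which are text or markup rather than class names, and it also removes the space between multiple classes in `container_class` and `menu_class`; the `else` branch stores `''` for every unset field, which replaces `wp_nav_menu()`'s own defaults, so it is safer to omit unset keys; `sanitize_text_field()` strips the tags from `items_wrap`, so the list wrapper is lost; and `(bool)$atts['echo']` turns the string "false" into true, where a shortcode callback should always pass `'echo' => false`.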
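Review bot: In sitekit/trunk/readme.txt, the new 1.9 changelog entry "Sanitized [sitekit_menu] shortcode params." does not say that this is a security fix, although the code comment in the menu hunk says the sanitizing is there to prevent XSS. State that in the changelog line so site owners reading the readme can tell the update is security-relevant and prioritise it.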