Changeset 3408797
- Timestamp:
- 12/03/2025 05:12:06 AM (4 months ago)
- Location:
- display-post-types/trunk
- Files:
-
- 3 edited
-
display-post-types.php (modified) (2 diffs)
-
helper/class-security.php (modified) (6 diffs)
-
readme.txt (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
display-post-types/trunk/display-post-types.php
r3396264 r3408797 15 15 * Plugin Name: Display Post Types 16 16 * Description: Filter, sort and display post, page or any post type. 17 * Version: 3.2. 317 * Version: 3.2.4 18 18 * Author: easyprolabs 19 19 * Author URI: https://easyprolabs.com/display-post-types/ … … 31 31 // Currently plugin version. 32 32 if ( ! defined( 'DISPLAY_POST_TYPES_VERSION' ) ) { 33 define( 'DISPLAY_POST_TYPES_VERSION', '3.2. 3' );33 define( 'DISPLAY_POST_TYPES_VERSION', '3.2.4' ); 34 34 } 35 35 -
display-post-types/trunk/helper/class-security.php
r3323385 r3408797 34 34 'title' => 'string', 35 35 'post_type' => 'string', 36 'taxonomy' => ' string',37 'terms' => ' arrstring',36 'taxonomy' => 'taxonomy', 37 'terms' => 'terms', 38 38 'relation' => 'string', 39 39 'post_ids' => 'string', … … 84 84 foreach ( $data as $key => $value ) { 85 85 $type = isset( $setting_type[ $key ] ) ? $setting_type[ $key ] : ( is_array( $value ) ? 'arrstring' : 'string' ); 86 $data[ $key ] = self::sanitize( $value, $type );86 $data[ $key ] = self::sanitize( $value, $type, $data ); 87 87 } 88 88 return $data; … … 115 115 * @param mixed $data data to be sanitized. 116 116 * @param string $data_type data type to apply correct sanitization. 117 */ 118 public static function sanitize( $data, $data_type ) { 117 * @param array $instance All data array to establish connection. 118 */ 119 public static function sanitize( $data, $data_type, $instance ) { 119 120 switch ( $data_type ) { 120 121 case 'string': … … 142 143 $data = array_map( 'sanitize_text_field', $data ); 143 144 break; 145 case 'taxonomy': 146 if ( ! empty( $instance['post_type'] ) && 'page' !== $instance['post_type'] ) { 147 $taxonomies = get_object_taxonomies( $instance['post_type'], 'objects' ); 148 $taxonomies = wp_list_pluck( $taxonomies, 'label', 'name' ); 149 $data = array_key_exists( $data, $taxonomies ) ? $data : ''; 150 } else { 151 $data = ''; 152 } 153 break; 154 case 'terms': 155 $data = ! is_array( $data ) ? explode( ',', $data ) : $data; 156 if ( $instance['taxonomy'] && $data ) { 157 $terms = get_terms( array( 'taxonomy' => $instance['taxonomy'] ) ); 158 $terms = wp_list_pluck( $terms, 'name', 'slug' ); 159 $valid_terms = array_keys( $terms ); 160 161 $data = array_intersect( $data, $valid_terms ); 162 } else { 163 $data = array(); 164 } 165 break; 144 166 case 'check': 145 167 $data = 'yes' === $data ? 'yes' : ''; 168 break; 146 169 default: 147 170 $data = sanitize_text_field( $data ); … … 163 186 switch ( $data_type ) { 164 187 case 'string': 188 case 'taxonomy': 165 189 $data = esc_html( $data ); 166 190 break; … … 183 207 break; 184 208 case 'arrstring': 209 case 'terms': 185 210 $data = ! is_array( $data ) ? explode( ',', $data ) : $data; 186 211 $data = array_map( 'esc_html', $data ); -
display-post-types/trunk/readme.txt
r3396264 r3408797 5 5 Tested up to: 6.8 6 6 Requires PHP: 7.2 7 Stable tag: 3.2. 37 Stable tag: 3.2.4 8 8 License: GPLv3 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-3.0.html … … 101 101 102 102 == Changelog == 103 = 3.2.4 = 104 * Bug Fix: Taxonomy and terms proper sanitization and escaping. 105 103 106 = 3.2.3 = 104 107 * Add: Video for using ACF with custom post types. … … 117 120 118 121 = 3.0.6 = 119 * B ig Fix: Language textdomain loaded early.122 * Bug Fix: Language textdomain loaded early. 120 123 * Modify: Compatibility check with WordPress 6.8 121 124
Note: See TracChangeset
for help on using the changeset viewer.