asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix escaping valid HTML

Browse Source
This commit is contained in:
Brian Miyaji
2021-11-18 00:45:50 +09:00
parent 3ffd38bd1e
commit 01e2ae2069
20 changed files with 3814 additions and 3838 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/sportspress-birthdays.php
View File

@@ -74,7 +74,7 @@ if ( ! class_exists( 'SportsPress_Birthdays' ) ) :
case 'Published on: <b>%1$s</b>':
case 'Schedule for: <b>%1$s</b>':
case 'Publish on: <b>%1$s</b>':
return esc_attr__( 'Birthday: <b>%1$s</b>', 'sportspress' );
return wp_kses_post( __( 'Birthday: <b>%1$s</b>', 'sportspress' ) );
case 'Publish <b>immediately</b>':
return esc_attr__( 'Birthday', 'sportspress' );
case 'M j, Y @ G:i':

8
modules/sportspress-comments-scheduled-events.php
View File

@@ -88,16 +88,16 @@ if ( ! class_exists( 'SportsPress_Comments_Scheduled_Events' ) ) :
if ( get_option( 'require_name_email' ) && ! $user->exists() ) {
if ( '' == $comment_author_email || '' == $comment_author ) {
// return new WP_Error( 'require_name_email', esc_attr__( '<strong>ERROR</strong>: please fill the required fields (name, email).' ), 200 );
wp_die( esc_attr__( '<strong>ERROR</strong>: please fill the required fields (name, email).' ), esc_attr__( 'ERROR: please fill the required fields (name, email).' ), array( 'back_link' => true ) );
wp_die( wp_kses_post( __( '<strong>ERROR</strong>: please fill the required fields (name, email).' ) ), esc_attr__( 'ERROR: please fill the required fields (name, email).' ), array( 'back_link' => true ) );
} elseif ( ! is_email( $comment_author_email ) ) {
// return new WP_Error( 'require_valid_email', esc_attr__( '<strong>ERROR</strong>: please enter a valid email address.' ), 200 );
wp_die( esc_attr__( '<strong>ERROR</strong>: please enter a valid email address.' ), esc_attr__( 'ERROR: please enter a valid email address.' ), array( 'back_link' => true ) );
wp_die( wp_kses_post( __( '<strong>ERROR</strong>: please enter a valid email address.' ) ), esc_attr__( 'ERROR: please enter a valid email address.' ), array( 'back_link' => true ) );
}
}
if ( '' == $comment_content ) {
// return new WP_Error( 'require_valid_comment', esc_attr__( '<strong>ERROR</strong>: please type a comment.' ), 200 );
wp_die( esc_attr__( '<strong>ERROR</strong>: please type a comment.' ), esc_attr__( 'ERROR: please type a comment.' ), array( 'back_link' => true ) );
wp_die( wp_kses_post( __( '<strong>ERROR</strong>: please type a comment.' ) ), esc_attr__( 'ERROR: please type a comment.' ), array( 'back_link' => true ) );
}
$comment_parent = isset( $_POST['comment_parent'] ) ? absint( $_POST['comment_parent'] ) : 0;
@@ -125,7 +125,7 @@ if ( ! class_exists( 'SportsPress_Comments_Scheduled_Events' ) ) :
if ( ! $comment_id ) {
// return new WP_Error( 'comment_save_error', esc_attr__( '<strong>ERROR</strong>: The comment could not be saved. Please try again later.' ), 500 );
wp_die( esc_attr__( '<strong>ERROR</strong>: The comment could not be saved. Please try again later.' ), esc_attr__( 'ERROR: The comment could not be saved. Please try again later.' ), array( 'back_link' => true ) );
wp_die( wp_kses_post( __( '<strong>ERROR</strong>: The comment could not be saved. Please try again later.' ) ), esc_attr__( 'ERROR: The comment could not be saved. Please try again later.' ), array( 'back_link' => true ) );
}
$comment = get_comment( $comment_id );

2
modules/sportspress-officials.php
View File

@@ -423,7 +423,7 @@ if ( ! class_exists( 'SportsPress_Officials' ) ) :
public function register_importer( $importers = array() ) {
$importers['sp_official_csv'] = array(
'name' => esc_attr__( 'SportsPress Officials (CSV)', 'sportspress' ),
'description' => esc_attr__( 'Import <strong>officials</strong> from a csv file.', 'sportspress' ),
'description' => wp_kses_post( __( 'Import <strong>officials</strong> from a csv file.', 'sportspress' ) ),
'callback' => array( $this, 'officials_importer' ),
);
return $importers;