Escapes based on phpcs #12

savvasha
2021-11-13 09:33:19 +02:00
parent 051d3e3055
commit 268ff79463
4 changed files with 30 additions and 30 deletions


@@ -36,16 +36,16 @@ class SP_Meta_Box_Column_Details extends SP_Meta_Box_Config {
$precision = 0; $precision = 0;
} }
?> ?>
<p><strong><?php _e( 'Key', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Key', 'sportspress' ); ?></strong></p>
<p> <p>
<input name="sp_default_key" type="hidden" id="sp_default_key" value="<?php echo esc_attr( $post->post_name ); ?>"> <input name="sp_default_key" type="hidden" id="sp_default_key" value="<?php echo esc_attr( $post->post_name ); ?>">
<input name="sp_key" type="text" id="sp_key" value="<?php echo esc_attr( $post->post_name ); ?>"> <input name="sp_key" type="text" id="sp_key" value="<?php echo esc_attr( $post->post_name ); ?>">
</p> </p>
<p><strong><?php _e( 'Decimal Places', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Decimal Places', 'sportspress' ); ?></strong></p>
<p class="sp-precision-selector"> <p class="sp-precision-selector">
<input name="sp_precision" type="text" size="4" id="sp_precision" value="<?php echo esc_attr( $precision ); ?>" placeholder="0"> <input name="sp_precision" type="text" size="4" id="sp_precision" value="<?php echo esc_attr( $precision ); ?>" placeholder="0">
</p> </p>
<p><strong><?php _e( 'Sort Order', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Sort Order', 'sportspress' ); ?></strong></p>
<p class="sp-order-selector"> <p class="sp-order-selector">
<select name="sp_priority"> <select name="sp_priority">
<?php <?php
@@ -55,7 +55,7 @@ class SP_Meta_Box_Column_Details extends SP_Meta_Box_Config {
$options[ $i ] = $i; $options[ $i ] = $i;
endfor; endfor;
foreach ( $options as $key => $value ) : foreach ( $options as $key => $value ) :
printf( '<option value="%s" %s>%s</option>', $key, selected( true, $key == $priority, false ), $value ); printf( '<option value="%s" %s>%s</option>', esc_attr( $key ), selected( true, $key == $priority, false ), esc_html( $value ) );
endforeach; endforeach;
?> ?>
</select> </select>
@@ -66,7 +66,7 @@ class SP_Meta_Box_Column_Details extends SP_Meta_Box_Config {
'ASC' => __( 'Ascending', 'sportspress' ), 'ASC' => __( 'Ascending', 'sportspress' ),
); );
foreach ( $options as $key => $value ) : foreach ( $options as $key => $value ) :
printf( '<option value="%s" %s>%s</option>', $key, selected( true, $key == $order, false ), $value ); printf( '<option value="%s" %s>%s</option>', esc_attr( $key ), selected( true, $key == $order, false ), esc_html( $value ) );
endforeach; endforeach;
?> ?>
</select> </select>
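Review bot: The priority option row still calls `selected( true, $key == $priority, false )`, doing a loose `==` comparison before handing a boolean to `selected()`; the commit adds the escapes but keeps that. `$options[ $i ] = $i` produces integer keys, so on PHP 7 an empty or non-numeric `$priority` would loosely equal a key of `0` if the loop produces one (its bounds are outside the hunk). `selected()` already compares its two arguments as strings, so `selected( $priority, $key, false )` is the simpler and stricter form. The same pattern recurs in the sort-order row of this file and in the `$section` and `$format` rows of SP_Meta_Box_Performance_Details. The enclosing method starts and ends outside these hunks.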


@@ -563,11 +563,11 @@ endforeach;
$times = false; $times = false;
} }
?> ?>
<?php echo self::status_select( $team_id, $player_id, sp_array_value( $player_performance, 'status', null ) ); ?><br> <?php echo wp_kses( self::status_select( $team_id, $player_id, sp_array_value( $player_performance, 'status', null ) ), array( 'select' => array( 'class' => array(), 'name' => array() ), 'option' => array( 'value' => array() ) ) ); ?><br>
<?php echo self::sub_select( $team_id, $player_id, sp_array_value( $player_performance, 'sub', null ), $data ); ?><br> <?php echo wp_kses( self::sub_select( $team_id, $player_id, sp_array_value( $player_performance, 'sub', null ), $data ), array( 'select' => array( 'class' => array(), 'name' => array() ), 'option' => array( 'value' => array() ) ) ); ?><br>
<?php if ( is_array( $times ) ) { ?> <?php if ( is_array( $times ) ) { ?>
<input class="sp-sync-input small-text" type="text" name="sp_timeline[<?php echo esc_attr( $team_id ); ?>][<?php echo esc_attr( $player_id ); ?>][sub][]" value="<?php echo esc_attr( sp_array_value( $times, 0, '' ) ); ?>" placeholder="-" /> <input class="sp-sync-input small-text" type="text" name="sp_timeline[<?php echo esc_attr( $team_id ); ?>][<?php echo esc_attr( $player_id ); ?>][sub][]" value="<?php echo esc_attr( sp_array_value( $times, 0, '' ) ); ?>" placeholder="-" />
<span class="description"><?php _e( 'mins', 'sportspress' ); ?></span> <span class="description"><?php esc_html_e( 'mins', 'sportspress' ); ?></span>
<?php } ?> <?php } ?>
</td> </td>
<?php } ?> <?php } ?>
@@ -576,10 +576,10 @@ endforeach;
<?php <?php
switch ( $stars_type ) { switch ( $stars_type ) {
case 1: case 1:
echo '<input type="checkbox" name="sp_stars[' . $player_id . ']" value="1" ' . checked( sp_array_value( $stars, $player_id, '' ) == '', false, false ) . '>'; echo '<input type="checkbox" name="sp_stars[' . esc_attr( $player_id ) . ']" value="1" ' . checked( sp_array_value( $stars, $player_id, '' ) == '', false, false ) . '>';
break; break;
default: default:
echo '<input type="text" name="sp_stars[' . $player_id . ']" class="tiny-text sp-player-stars-input sp-sync-input" value="' . sp_array_value( $stars, $player_id, '' ) . '">'; echo '<input type="text" name="sp_stars[' . esc_attr( $player_id ) . ']" class="tiny-text sp-player-stars-input sp-sync-input" value="' . esc_attr( sp_array_value( $stars, $player_id, '' ) ) . '">';
} }
?> ?>
</td> </td>
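Review bot: The allow-list passed to `wp_kses()` around `status_select()` and `sub_select()` permits only `value` on `option` and only `class` and `name` on `select`, so any other attribute those helpers emit is silently stripped. Their bodies are not visible here, but if they mark the stored choice with `selected` (or put `id`, `style`, `disabled` or `data-*` on the select), the dropdown would always render on its first option and a later save could overwrite the stored status. At minimum the option entry should read `'option' => array( 'value' => array(), 'selected' => array() )`, and since the same array literal appears twice it is worth one shared variable. Escaping the interpolated values inside the two helpers would be more robust than filtering their finished markup.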


@@ -27,7 +27,7 @@ class SP_Meta_Box_List_Shortcode {
} }
?> ?>
<p class="howto"> <p class="howto">
<?php _e( 'Copy this code and paste it into your post, page or text widget content.', 'sportspress' ); ?> <?php esc_html_e( 'Copy this code and paste it into your post, page or text widget content.', 'sportspress' ); ?>
</p> </p>
<p><input type="text" value="<?php sp_shortcode_template( 'player_' . $the_format, $post->ID ); ?>" readonly="readonly" class="code widefat"></p> <p><input type="text" value="<?php sp_shortcode_template( 'player_' . $the_format, $post->ID ); ?>" readonly="readonly" class="code widefat"></p>
<?php <?php
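Review bot: The `value` attribute of the input after the changed line is still filled by `sp_shortcode_template( 'player_' . $the_format, $post->ID )` with no escaping visible at the call site. The helper is called without `echo`, so it presumably prints its own output; if so, the escape has to live inside it via `esc_attr()`, or its output has to be captured and escaped here. Where `$the_format` comes from is outside the hunk, so confirm it is restricted to known formats before it reaches the attribute.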


@@ -56,7 +56,7 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
$sendoff = false; $sendoff = false;
} }
?> ?>
<p><strong><?php _e( 'Variable', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Variable', 'sportspress' ); ?></strong></p>
<p> <p>
<input name="sp_default_key" type="hidden" id="sp_default_key" value="<?php echo esc_attr( $post->post_name ); ?>"> <input name="sp_default_key" type="hidden" id="sp_default_key" value="<?php echo esc_attr( $post->post_name ); ?>">
<input name="sp_key" type="text" id="sp_key" value="<?php echo esc_attr( $post->post_name ); ?>" <input name="sp_key" type="text" id="sp_key" value="<?php echo esc_attr( $post->post_name ); ?>"
@@ -65,11 +65,11 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
?> ?>
readonly="readonly"<?php } ?>> readonly="readonly"<?php } ?>>
</p> </p>
<p><strong><?php _e( 'Singular', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Singular', 'sportspress' ); ?></strong></p>
<p> <p>
<input name="sp_singular" type="text" id="sp_singular" placeholder="<?php echo esc_attr( $post->post_title ); ?>" value="<?php echo esc_attr( $singular ); ?>"> <input name="sp_singular" type="text" id="sp_singular" placeholder="<?php echo esc_attr( $post->post_title ); ?>" value="<?php echo esc_attr( $singular ); ?>">
</p> </p>
<p><strong><?php _e( 'Category', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Category', 'sportspress' ); ?></strong></p>
<p class="sp-section-selector"> <p class="sp-section-selector">
<select name="sp_section"> <select name="sp_section">
<?php <?php
@@ -85,12 +85,12 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
) )
); );
foreach ( $options as $key => $value ) : foreach ( $options as $key => $value ) :
printf( '<option value="%s" %s>%s</option>', $key, selected( $key == $section, true, false ), $value ); printf( '<option value="%s" %s>%s</option>', esc_attr( $key ), selected( $key == $section, true, false ), esc_html( $value ) );
endforeach; endforeach;
?> ?>
</select> </select>
</p> </p>
<p><strong><?php _e( 'Format', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Format', 'sportspress' ); ?></strong></p>
<p class="sp-format-selector"> <p class="sp-format-selector">
<select name="sp_format"> <select name="sp_format">
<?php <?php
@@ -108,53 +108,53 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
) )
); );
foreach ( $options as $key => $value ) : foreach ( $options as $key => $value ) :
printf( '<option value="%s" %s>%s</option>', $key, selected( $key == $format, true, false ), $value ); printf( '<option value="%s" %s>%s</option>', esc_attr( $key ), selected( $key == $format, true, false ), esc_html( $value ) );
endforeach; endforeach;
?> ?>
</select> </select>
</p> </p>
<div id="sp_precisiondiv"> <div id="sp_precisiondiv">
<p><strong><?php _e( 'Decimal Places', 'sportspress' ); ?></strong></p> <p><strong><?php esc_html_e( 'Decimal Places', 'sportspress' ); ?></strong></p>
<p> <p>
<input name="sp_precision" type="text" size="4" id="sp_precision" value="<?php echo esc_attr( $precision ); ?>" placeholder="0"> <input name="sp_precision" type="text" size="4" id="sp_precision" value="<?php echo esc_attr( $precision ); ?>" placeholder="0">
</p> </p>
</div> </div>
<div id="sp_timeddiv"> <div id="sp_timeddiv">
<p> <p>
<strong><?php _e( 'Timed', 'sportspress' ); ?></strong> <strong><?php esc_html_e( 'Timed', 'sportspress' ); ?></strong>
<i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php _e( 'Record minutes?', 'sportspress' ); ?>"></i> <i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php esc_attr_e( 'Record minutes?', 'sportspress' ); ?>"></i>
</p> </p>
<ul class="sp-timed-selector"> <ul class="sp-timed-selector">
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_timed" id="sp_timed_yes" type="radio" value="1" <?php checked( $timed ); ?>> <input name="sp_timed" id="sp_timed_yes" type="radio" value="1" <?php checked( $timed ); ?>>
<?php _e( 'Yes', 'sportspress' ); ?> <?php esc_html_e( 'Yes', 'sportspress' ); ?>
</label> </label>
</li> </li>
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_timed" id="sp_timed_no" type="radio" value="0" <?php checked( ! $timed ); ?>> <input name="sp_timed" id="sp_timed_no" type="radio" value="0" <?php checked( ! $timed ); ?>>
<?php _e( 'No', 'sportspress' ); ?> <?php esc_html_e( 'No', 'sportspress' ); ?>
</label> </label>
</li> </li>
</ul> </ul>
</div> </div>
<div id="sp_sendoffdiv"> <div id="sp_sendoffdiv">
<p> <p>
<strong><?php _e( 'Send Off', 'sportspress' ); ?></strong> <strong><?php esc_html_e( 'Send Off', 'sportspress' ); ?></strong>
<i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php _e( "Don't count minutes after?", 'sportspress' ); ?>"></i> <i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php esc_attr_e( "Don't count minutes after?", 'sportspress' ); ?>"></i>
</p> </p>
<ul class="sp-sendoff-selector"> <ul class="sp-sendoff-selector">
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_sendoff" id="sp_sendoff_yes" type="radio" value="1" <?php checked( $sendoff ); ?>> <input name="sp_sendoff" id="sp_sendoff_yes" type="radio" value="1" <?php checked( $sendoff ); ?>>
<?php _e( 'Yes', 'sportspress' ); ?> <?php esc_html_e( 'Yes', 'sportspress' ); ?>
</label> </label>
</li> </li>
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_sendoff" id="sp_sendoff_no" type="radio" value="0" <?php checked( ! $sendoff ); ?>> <input name="sp_sendoff" id="sp_sendoff_no" type="radio" value="0" <?php checked( ! $sendoff ); ?>>
<?php _e( 'No', 'sportspress' ); ?> <?php esc_html_e( 'No', 'sportspress' ); ?>
</label> </label>
</li> </li>
</ul> </ul>
@@ -167,20 +167,20 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
} }
?> ?>
<p> <p>
<strong><?php _e( 'Visible', 'sportspress' ); ?></strong> <strong><?php esc_html_e( 'Visible', 'sportspress' ); ?></strong>
<i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php _e( 'Display in player profile?', 'sportspress' ); ?>"></i> <i class="dashicons dashicons-editor-help sp-desc-tip" title="<?php esc_attr_e( 'Display in player profile?', 'sportspress' ); ?>"></i>
</p> </p>
<ul class="sp-visible-selector"> <ul class="sp-visible-selector">
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_visible" id="sp_visible_yes" type="radio" value="1" <?php checked( $visible ); ?>> <input name="sp_visible" id="sp_visible_yes" type="radio" value="1" <?php checked( $visible ); ?>>
<?php _e( 'Yes', 'sportspress' ); ?> <?php esc_html_e( 'Yes', 'sportspress' ); ?>
</label> </label>
</li> </li>
<li> <li>
<label class="selectit"> <label class="selectit">
<input name="sp_visible" id="sp_visible_no" type="radio" value="0" <?php checked( ! $visible ); ?>> <input name="sp_visible" id="sp_visible_no" type="radio" value="0" <?php checked( ! $visible ); ?>>
<?php _e( 'No', 'sportspress' ); ?> <?php esc_html_e( 'No', 'sportspress' ); ?>
</label> </label>
</li> </li>
</ul> </ul>