asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanitize and unslash all inputs

Browse Source
This commit is contained in:
Brian Miyaji
2021-11-14 13:49:51 +09:00
parent 8873e5adeb
commit a605d7ed1a
30 changed files with 98 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/admin/class-sp-admin-taxonomies.php
View File

@@ -267,10 +267,10 @@ class SP_Admin_Taxonomies {
if ( isset( $_POST['term_meta'] ) ) {
$t_id = $term_id;
$term_meta = get_option( "taxonomy_$t_id" );
$cat_keys = array_keys( $_POST['term_meta'] );
$cat_keys = array_keys( wp_unslash( $_POST['term_meta'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput
foreach ( $cat_keys as $key ) {
if ( isset( $_POST['term_meta'][ $key ] ) ) {
$term_meta[ $key ] = sanitize_text_field( $_POST['term_meta'][ $key ] );
$term_meta[ $key ] = sanitize_text_field( wp_unslash( $_POST['term_meta'][ $key ] ) );
}
}
update_option( "taxonomy_$t_id", $term_meta );