Add sanitization to config variable meta boxes

includes/admin/post-types/meta-boxes/class-sp-meta-box-column-details.php

@@ -71,8 +71,8 @@ class SP_Meta_Box_Column_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1 ) );
+		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1, 'int' ) );
-		update_post_meta( $post_id, 'sp_priority', sp_array_value( $_POST, 'sp_priority', '0' ) );
+		update_post_meta( $post_id, 'sp_priority', sp_array_value( $_POST, 'sp_priority', '0', 'int' ) );
-		update_post_meta( $post_id, 'sp_order', sp_array_value( $_POST, 'sp_order', 'DESC' ) );
+		update_post_meta( $post_id, 'sp_order', sp_array_value( $_POST, 'sp_order', 'DESC', 'text' ) );
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-metric-details.php

@@ -57,6 +57,6 @@ class SP_Meta_Box_Metric_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1 ) );
+		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1, 'int' ) );
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-outcome-details.php

@@ -79,8 +79,8 @@ class SP_Meta_Box_Outcome_Details extends SP_Meta_Box_Config {
 	 * Save meta box data
 	 */
 	public static function save( $post_id, $post ) {
-		update_post_meta( $post_id, 'sp_abbreviation', sp_array_value( $_POST, 'sp_abbreviation', array() ) );
+		update_post_meta( $post_id, 'sp_abbreviation', sp_array_value( $_POST, 'sp_abbreviation', array(), 'text' ) );
-		update_post_meta( $post_id, 'sp_color', sp_array_value( $_POST, 'sp_color', array() ) );
+		update_post_meta( $post_id, 'sp_color', sp_array_value( $_POST, 'sp_color', array(), 'text' ) );
-		update_post_meta( $post_id, 'sp_condition', sp_array_value( $_POST, 'sp_condition', array() ) );
+		update_post_meta( $post_id, 'sp_condition', sp_array_value( $_POST, 'sp_condition', array(), 'text' ) );
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-performance-details.php

@@ -166,14 +166,14 @@ class SP_Meta_Box_Performance_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_singular', sp_array_value( $_POST, 'sp_singular', '' ) );
+		update_post_meta( $post_id, 'sp_singular', sp_array_value( $_POST, 'sp_singular', '', 'text' ) );
-		update_post_meta( $post_id, 'sp_section', (int) sp_array_value( $_POST, 'sp_section', -1 ) );
+		update_post_meta( $post_id, 'sp_section', (int) sp_array_value( $_POST, 'sp_section', -1, 'int' ) );
-		update_post_meta( $post_id, 'sp_format', sp_array_value( $_POST, 'sp_format', 'number' ) );
+		update_post_meta( $post_id, 'sp_format', sp_array_value( $_POST, 'sp_format', 'number', 'int' ) );
-		update_post_meta( $post_id, 'sp_precision', sp_array_value( $_POST, 'sp_precision', 0 ) );
+		update_post_meta( $post_id, 'sp_precision', sp_array_value( $_POST, 'sp_precision', 0, 'int' ) );
-		update_post_meta( $post_id, 'sp_timed', sp_array_value( $_POST, 'sp_timed', 0 ) );
+		update_post_meta( $post_id, 'sp_timed', sp_array_value( $_POST, 'sp_timed', 0, 'int' ) );
-		update_post_meta( $post_id, 'sp_sendoff', sp_array_value( $_POST, 'sp_sendoff', 0 ) );
+		update_post_meta( $post_id, 'sp_sendoff', sp_array_value( $_POST, 'sp_sendoff', 0, 'int' ) );
 		if ( 'auto' === get_option( 'sportspress_player_columns', 'auto' ) ) {
-			update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1 ) );
+			update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1, 'int' ) );
 		}
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-result-details.php

@@ -48,6 +48,6 @@ class SP_Meta_Box_Result_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1 ) );
+		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1, 'int' ) );
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-spec-details.php

@@ -57,6 +57,6 @@ class SP_Meta_Box_Spec_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1 ) );
+		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1, 'int' ) );
 	}
 }

includes/admin/post-types/meta-boxes/class-sp-meta-box-statistic-details.php

@@ -103,11 +103,11 @@ class SP_Meta_Box_Statistic_Details extends SP_Meta_Box_Config {
 	 */
 	public static function save( $post_id, $post ) {
 		self::delete_duplicate( $_POST );
-		update_post_meta( $post_id, 'sp_section', (int) sp_array_value( $_POST, 'sp_section', -1 ) );
+		update_post_meta( $post_id, 'sp_section', (int) sp_array_value( $_POST, 'sp_section', -1, 'int' ) );
-		update_post_meta( $post_id, 'sp_type', sp_array_value( $_POST, 'sp_type', 'total' ) );
+		update_post_meta( $post_id, 'sp_type', sp_array_value( $_POST, 'sp_type', 'total', 'key' ) );
-		update_post_meta( $post_id, 'sp_format', sp_array_value( $_POST, 'sp_format', 'number' ) );
+		update_post_meta( $post_id, 'sp_format', sp_array_value( $_POST, 'sp_format', 'number', 'int' ) );
-		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1 ) );
+		update_post_meta( $post_id, 'sp_precision', (int) sp_array_value( $_POST, 'sp_precision', 1, 'int' ) );
-		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1 ) );
+		update_post_meta( $post_id, 'sp_visible', sp_array_value( $_POST, 'sp_visible', 1, 'int' ) );
 	}
 
 }