Escape import variables ( issue with greet() function )

Savvas Hadjigeorgiou
2021-11-12 08:01:30 +02:00
parent f5aae77471
commit bec7a43b42
7 changed files with 33 additions and 33 deletions


@@ -494,8 +494,8 @@ if ( class_exists( 'WP_Importer' ) ) {
function greet() {
echo '<div class="narrow">';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( esc_html__( 'Events need to be defined with columns in a specific order (3+ columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/events-sample.csv' ) . '</p>';
echo '<p>' . sprintf( esc_html__( 'Supports CSV files generated by <a href="%s">LeagueLobster</a>.', 'sportspress' ), 'http://tboy.co/leaguelobster' ) . '</p>';
echo '<p>' . sprintf( __( 'Events need to be defined with columns in a specific order (3+ columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/events-sample.csv' ) . '</p>';
echo '<p>' . sprintf( __( 'Supports CSV files generated by <a href="%s">LeagueLobster</a>.', 'sportspress' ), 'http://tboy.co/leaguelobster' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_event_csv&step=1' );
echo '</div>';
}
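Review bot: The translated strings on the two `sprintf()` lines of `greet()` are echoed with no escaping once they pass through `__()` instead of `esc_html__()` (taking the second line of each printed pair as the new side), so any markup carried by a translation file reaches the admin page. Filtering the format string down to the one tag it needs keeps the link working and the output escaped: `sprintf( wp_kses( __( '…', 'sportspress' ), array( 'a' => array( 'href' => array() ) ) ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) . 'dummy-data/events-sample.csv' ) )`. That form also moves the filename inside `esc_url()`, so the whole URL is escaped rather than only its directory part. The sample-link lines in the other six file sections follow the same pattern and would take the same change.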


@@ -135,7 +135,7 @@ if ( class_exists( 'WP_Importer' ) ) {
// Show Result
echo '<div class="updated settings-error below-h2"><p>
' . sprintf( __( 'Import complete - imported <strong>%1$s</strong> rows and skipped <strong>%2$s</strong>.', 'sportspress' ), $this->imported, $this->skipped ) . '
' . sprintf( esc_html__( 'Import complete - imported <strong>%1$s</strong> rows and skipped <strong>%2$s</strong>.', 'sportspress' ), esc_html( $this->imported ), esc_html( $this->skipped ) ) . '
</p></div>';
$this->import_end( $event );
@@ -145,7 +145,7 @@ if ( class_exists( 'WP_Importer' ) ) {
* Performs post-import cleanup of files and the cache
*/
function import_end( $event = 0 ) {
echo '<p>' . __( 'All done!', 'sportspress' ) . ' <a href="' . admin_url(
echo '<p>' . esc_html__( 'All done!', 'sportspress' ) . ' <a href="' . esc_url( admin_url(
add_query_arg(
array(
'post' => $event,
@@ -153,7 +153,7 @@ if ( class_exists( 'WP_Importer' ) ) {
),
'post.php'
)
) . '">' . __( 'View Event', 'sportspress' ) . '</a>' . '</p>';
) ) . '">' . esc_html__( 'View Event', 'sportspress' ) . '</a>' . '</p>';
do_action( 'import_end' );
}
@@ -177,11 +177,11 @@ if ( class_exists( 'WP_Importer' ) ) {
'step' => '1',
)
);
echo '<p>' . __( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Box scores need to be defined with columns in a specific order. <a href="%s">Click here to download a sample</a>.', 'sportspress' ), plugin_dir_url( SP_PLUGIN_FILE ) . 'dummy-data/event-performance-sample.csv' ) . '</p>';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Box scores need to be defined with columns in a specific order. <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/event-performance-sample.csv' ) . '</p>';
wp_import_upload_form( add_query_arg( $args, 'admin.php' ) );
} else {
echo '<p><a href="' . admin_url( add_query_arg( array( 'post_type' => 'sp_event' ), 'edit.php' ) ) . '">' . sprintf( __( 'Select %s', 'sportspress' ), __( 'Event', 'sportspress' ) ) . '</a></p>';
echo '<p><a href="' . esc_url( admin_url( add_query_arg( array( 'post_type' => 'sp_event' ), 'edit.php' ) ) ) . '">' . sprintf( esc_html__( 'Select %s', 'sportspress' ), esc_html__( 'Event', 'sportspress' ) ) . '</a></p>';
}
echo '</div>';
@@ -203,10 +203,10 @@ if ( class_exists( 'WP_Importer' ) ) {
<table class="form-table">
<tbody>
<tr>
<th scope="row"><label><?php _e( 'Event', 'sportspress' ); ?></label><br/></th>
<th scope="row"><label><?php esc_html_e( 'Event', 'sportspress' ); ?></label><br/></th>
<td>
<a href="<?php echo get_post_permalink( $event ); ?>" target="_blank">
<?php echo get_the_title( $event ); ?>
<a href="<?php echo esc_url( get_post_permalink( $event ) ); ?>" target="_blank">
<?php echo esc_html( get_the_title( $event ) ); ?>
</a>
<input type="hidden" name="sp_event" value="<?php echo esc_attr( $event ); ?>">
<input type="hidden" name="sp_teams" value="<?php echo esc_attr( $teams ); ?>">
@@ -214,7 +214,7 @@ if ( class_exists( 'WP_Importer' ) ) {
</td>
</tr>
<tr>
<th scope="row"><label><?php _e( 'Team', 'sportspress' ); ?></label><br/></th>
<th scope="row"><label><?php esc_html_e( 'Team', 'sportspress' ); ?></label><br/></th>
<td>
<?php
$args = array(
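Review bot: `esc_html__()` on the "Import complete" string in the first hunk escapes that string's own `<strong>` tags, so the result notice will print the tags as literal text; this is the same breakage the commit title mentions for `greet()` (assuming the second line of the printed pair is the new side). Allow just that tag instead, and keep the `esc_html()` calls on the two counters: `sprintf( wp_kses( __( 'Import complete - imported <strong>%1$s</strong> rows and skipped <strong>%2$s</strong>.', 'sportspress' ), array( 'strong' => array() ) ), esc_html( $this->imported ), esc_html( $this->skipped ) )`. The "Import complete" lines in the two later sections, whose messages read "events" and "staff", have the same defect. The enclosing function begins outside the hunk.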


@@ -260,7 +260,7 @@ if ( class_exists( 'WP_Importer' ) ) {
// Show Result
echo '<div class="updated settings-error below-h2"><p>
' . sprintf( __( 'Import complete - imported <strong>%1$s</strong> events and skipped <strong>%2$s</strong>.', 'sportspress' ), $this->imported, $this->skipped ) . '
' . sprintf( esc_html__( 'Import complete - imported <strong>%1$s</strong> events and skipped <strong>%2$s</strong>.', 'sportspress' ), esc_html( $this->imported ), esc_html( $this->skipped ) ) . '
</p></div>';
$this->import_end();
@@ -270,7 +270,7 @@ if ( class_exists( 'WP_Importer' ) ) {
* Performs post-import cleanup of files and the cache
*/
function import_end() {
echo '<p>' . __( 'All done!', 'sportspress' ) . ' <a href="' . admin_url( 'edit.php?post_type=sp_event' ) . '">' . __( 'View Fixtures', 'sportspress' ) . '</a>' . '</p>';
echo '<p>' . esc_html__( 'All done!', 'sportspress' ) . ' <a href="' . esc_url( admin_url( 'edit.php?post_type=sp_event' ) ) . '">' . esc_html__( 'View Fixtures', 'sportspress' ) . '</a>' . '</p>';
do_action( 'import_end' );
}
@@ -283,8 +283,8 @@ if ( class_exists( 'WP_Importer' ) ) {
*/
function greet() {
echo '<div class="narrow">';
echo '<p>' . __( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Fixtures need to be defined with columns in a specific order (4+ columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), plugin_dir_url( SP_PLUGIN_FILE ) . 'dummy-data/fixtures-sample.csv' ) . '</p>';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Fixtures need to be defined with columns in a specific order (4+ columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/fixtures-sample.csv' ) . '</p>';
echo '<p>' . sprintf( __( 'Supports CSV files generated by <a href="%s">LeagueLobster</a>.', 'sportspress' ), 'http://tboy.co/leaguelobster' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_fixture_csv&step=1' );
echo '</div>';
@@ -301,18 +301,18 @@ if ( class_exists( 'WP_Importer' ) ) {
<table class="form-table">
<tbody>
<tr>
<th scope="row"><label><?php _e( 'Format', 'sportspress' ); ?></label><br/></th>
<th scope="row"><label><?php esc_html_e( 'Format', 'sportspress' ); ?></label><br/></th>
<td class="forminp forminp-radio" id="sp_formatdiv">
<fieldset id="post-formats-select">
<ul>
<li><input type="radio" name="sp_format" class="post-format" id="post-format-league" value="league" checked="checked"> <label for="post-format-league" class="post-format-icon post-format-league"><?php _e( 'Competitive', 'sportspress' ); ?></label></li>
<li><input type="radio" name="sp_format" class="post-format" id="post-format-friendly" value="friendly"> <label for="post-format-friendly" class="post-format-icon post-format-friendly"><?php _e( 'Friendly', 'sportspress' ); ?></label></li>
<li><input type="radio" name="sp_format" class="post-format" id="post-format-league" value="league" checked="checked"> <label for="post-format-league" class="post-format-icon post-format-league"><?php esc_html_e( 'Competitive', 'sportspress' ); ?></label></li>
<li><input type="radio" name="sp_format" class="post-format" id="post-format-friendly" value="friendly"> <label for="post-format-friendly" class="post-format-icon post-format-friendly"><?php esc_html_e( 'Friendly', 'sportspress' ); ?></label></li>
<br>
</fieldset>
</td>
</tr>
<tr>
<th scope="row"><label><?php _e( 'League', 'sportspress' ); ?></label><br/></th>
<th scope="row"><label><?php esc_html_e( 'League', 'sportspress' ); ?></label><br/></th>
<td>
<?php
$args = array(
@@ -322,14 +322,14 @@ if ( class_exists( 'WP_Importer' ) ) {
'show_option_none' => __( '&mdash; Not set &mdash;', 'sportspress' ),
);
if ( ! sp_dropdown_taxonomies( $args ) ) :
echo '<p>' . __( 'None', 'sportspress' ) . '</p>';
echo '<p>' . esc_html__( 'None', 'sportspress' ) . '</p>';
sp_taxonomy_adder( 'sp_league', 'sp_team', __( 'Add New', 'sportspress' ) );
endif;
?>
</td>
</tr>
<tr>
<th scope="row"><label><?php _e( 'Season', 'sportspress' ); ?></label><br/></th>
<th scope="row"><label><?php esc_html_e( 'Season', 'sportspress' ); ?></label><br/></th>
<td>
<?php
$args = array(
@@ -339,7 +339,7 @@ if ( class_exists( 'WP_Importer' ) ) {
'show_option_none' => __( '&mdash; Not set &mdash;', 'sportspress' ),
);
if ( ! sp_dropdown_taxonomies( $args ) ) :
echo '<p>' . __( 'None', 'sportspress' ) . '</p>';
echo '<p>' . esc_html__( 'None', 'sportspress' ) . '</p>';
sp_taxonomy_adder( 'sp_season', 'sp_team', __( 'Add New', 'sportspress' ) );
endif;
?>
@@ -347,7 +347,7 @@ if ( class_exists( 'WP_Importer' ) ) {
</tr>
<tr>
<th scope="row" class="titledesc">
<?php _e( 'Date Format', 'sportspress' ); ?>
<?php esc_html_e( 'Date Format', 'sportspress' ); ?>
</th>
<td class="forminp forminp-radio">
<fieldset>


@@ -117,7 +117,7 @@ if ( class_exists( 'WP_Importer' ) ) {
function greet() {
echo '<div class="narrow">';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( esc_html__( 'Officials need to be defined with columns in a specific order. <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/officials-sample.csv' ) . '</p>';
echo '<p>' . sprintf( __( 'Officials need to be defined with columns in a specific order. <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/officials-sample.csv' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_official_csv&step=1' );
echo '</div>';
}


@@ -250,7 +250,7 @@ if ( class_exists( 'WP_Importer' ) ) {
function greet() {
echo '<div class="narrow">';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( esc_html__( 'Players need to be defined with columns in a specific order (8 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/players-sample.csv' ) . '</p>';
echo '<p>' . sprintf( __( 'Players need to be defined with columns in a specific order (8 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/players-sample.csv' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_player_csv&step=1' );
echo '</div>';
}


@@ -164,7 +164,7 @@ if ( class_exists( 'WP_Importer' ) ) {
// Show Result
echo '<div class="updated settings-error below-h2"><p>
' . sprintf( __( 'Import complete - imported <strong>%1$s</strong> staff and skipped <strong>%2$s</strong>.', 'sportspress' ), $this->imported, $this->skipped ) . '
' . sprintf( esc_html__( 'Import complete - imported <strong>%1$s</strong> staff and skipped <strong>%2$s</strong>.', 'sportspress' ), esc_html( $this->imported ), esc_html( $this->skipped ) ) . '
</p></div>';
$this->import_end();
@@ -174,7 +174,7 @@ if ( class_exists( 'WP_Importer' ) ) {
* Performs post-import cleanup of files and the cache
*/
function import_end() {
echo '<p>' . __( 'All done!', 'sportspress' ) . ' <a href="' . admin_url( 'edit.php?post_type=sp_staff' ) . '">' . __( 'View Staff', 'sportspress' ) . '</a>' . '</p>';
echo '<p>' . esc_html__( 'All done!', 'sportspress' ) . ' <a href="' . esc_url( admin_url( 'edit.php?post_type=sp_staff' ) ) . '">' . esc_html__( 'View Staff', 'sportspress' ) . '</a>' . '</p>';
do_action( 'import_end' );
}
@@ -186,7 +186,7 @@ if ( class_exists( 'WP_Importer' ) ) {
* @return void
*/
function header() {
echo '<div class="wrap"><h2>' . __( 'Import Staff', 'sportspress' ) . '</h2>';
echo '<div class="wrap"><h2>' . esc_html__( 'Import Staff', 'sportspress' ) . '</h2>';
}
/**
@@ -197,8 +197,8 @@ if ( class_exists( 'WP_Importer' ) ) {
*/
function greet() {
echo '<div class="narrow">';
echo '<p>' . __( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Staff need to be defined with columns in a specific order (6 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), plugin_dir_url( SP_PLUGIN_FILE ) . 'dummy-data/staff-sample.csv' ) . '</p>';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( __( 'Staff need to be defined with columns in a specific order (6 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/staff-sample.csv' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_staff_csv&step=1' );
echo '</div>';
}
@@ -218,7 +218,7 @@ if ( class_exists( 'WP_Importer' ) ) {
<label>
<input type="hidden" name="merge" value="0">
<input type="checkbox" name="merge" value="1" checked="checked">
<?php _e( 'Merge duplicates', 'sportspress' ); ?>
<?php esc_html_e( 'Merge duplicates', 'sportspress' ); ?>
</label>
</td>
</tr>


@@ -144,7 +144,7 @@ if ( class_exists( 'WP_Importer' ) ) {
function greet() {
echo '<div class="narrow">';
echo '<p>' . esc_html__( 'Hi there! Choose a .csv file to upload, then click "Upload file and import".', 'sportspress' ) . '</p>';
echo '<p>' . sprintf( esc_html__( 'Teams need to be defined with columns in a specific order (3 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/teams-sample.csv' ) . '</p>';
echo '<p>' . sprintf( __( 'Teams need to be defined with columns in a specific order (3 columns). <a href="%s">Click here to download a sample</a>.', 'sportspress' ), esc_url( plugin_dir_url( SP_PLUGIN_FILE ) ) . 'dummy-data/teams-sample.csv' ) . '</p>';
wp_import_upload_form( 'admin.php?import=sp_team_csv&step=1' );
echo '</div>';
}