WordPress.org
Get WordPress

Plugin Directory

Changeset 2902324


Ignore:
Timestamp:
04/21/2023 01:50:16 PM (3 years ago)
Author:
jchristopher
Message:

Version 1.6.8

Location:
cms-tree-page-view/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • cms-tree-page-view/trunk/functions.php

    r2901738 r2902324  
    101101    */
    102102
    103     $post_position  = sanitize_text_field($_POST["cms_tpv_add_type"]);
    104     $post_status    = sanitize_text_field($_POST["cms_tpv_add_status"]);
     103    $post_position  = esc_attr($_POST["cms_tpv_add_type"]);
     104    $post_status    = esc_attr($_POST["cms_tpv_add_status"]);
    105105    $post_names     = (array) $_POST["cms_tpv_add_new_pages_names"];
    106     $ref_post_id    = (int) sanitize_text_field($_POST["ref_post_id"]);
    107     $lang           = sanitize_text_field($_POST["lang"]);
     106    $ref_post_id    = (int) esc_attr($_POST["ref_post_id"]);
     107    $lang           = esc_attr($_POST["lang"]);
    108108
    109109    for ($i = 0; $i < count($post_names); $i++) {
    110         $post_names[$i] = sanitize_text_field($post_names[$i]);
     110        $post_names[$i] = esc_attr($post_names[$i]);
    111111    }
    112112
     
    285285    global $cms_tpv_view;
    286286    if (isset($_GET["cms_tpv_view"])) {
    287         $cms_tpv_view = htmlspecialchars(sanitize_text_field($_GET["cms_tpv_view"]));
     287        $cms_tpv_view = esc_attr(htmlspecialchars($_GET["cms_tpv_view"]));
    288288    } else {
    289289        $cms_tpv_view = "all";
     
    895895    $post_type = NULL;
    896896    if (isset($_GET["post_type"])) {
    897         $post_type = sanitize_text_field($_GET["post_type"]);
     897        $post_type = esc_attr($_GET["post_type"]);
    898898    }
    899899    if (!$post_type) {
    900900        // no post type, happens with ozh admin drop down, so get it via page instead
    901         $page = isset($_GET["page"]) ? sanitize_text_field($_GET["page"]) : "";
     901        $page = isset($_GET["page"]) ? esc_attr($_GET["page"]) : "";
    902902        $post_type = str_replace("cms-tpv-page-", "", $page);
    903903    }
     
    15981598    check_ajax_referer('cms-tpv-ajax', 'cms-tpv-nonce');
    15991599
    1600     $action = sanitize_text_field($_GET["action"]);
    1601     $view = sanitize_text_field($_GET["view"]); // all | public | trash
    1602     $post_type = (isset($_GET["post_type"])) ? sanitize_text_field($_GET["post_type"]) : null;
    1603     $search = (isset($_GET["search_string"])) ? sanitize_text_field(trim($_GET["search_string"])) : ""; // exits if we're doing a search
     1600    $action = esc_attr($_GET["action"]);
     1601    $view = esc_attr($_GET["view"]); // all | public | trash
     1602    $post_type = (isset($_GET["post_type"])) ? esc_attr($_GET["post_type"]) : null;
     1603    $search = (isset($_GET["search_string"])) ? esc_attr(trim($_GET["search_string"])) : ""; // exits if we're doing a search
    16041604
    16051605    // Check if user is allowed to get the list. For example subscribers should not be allowed to
     
    16741674            // regular get
    16751675
    1676             $id = (isset($_GET["id"])) ? sanitize_text_field($_GET["id"]) : null;
     1676            $id = (isset($_GET["id"])) ? esc_attr($_GET["id"]) : null;
    16771677            $id = (int) str_replace("cms-tpv-", "", $id);
    16781678
     
    17071707    global $wpdb;
    17081708
    1709     $node_id = sanitize_text_field($_POST["node_id"]); // the node that was moved
    1710     $ref_node_id = sanitize_text_field($_POST["ref_node_id"]);
    1711     $type = sanitize_text_field($_POST["type"]);
     1709    $node_id = esc_attr($_POST["node_id"]); // the node that was moved
     1710    $ref_node_id = esc_attr($_POST["ref_node_id"]);
     1711    $type = esc_attr($_POST["type"]);
    17121712
    17131713    $node_id = str_replace("cms-tpv-", "", $node_id);

  • cms-tree-page-view/trunk/index.php

    r2901738 r2902324  
    66Text Domain: cms-tree-page-view
    77Domain Path: /languages/
    8 Version: 1.6.7
     8Version: 1.6.8
    99Author: Jon Christopher
    1010Author URI: https://jonchristopher.us/
     
    3030#require("functions.php");
    3131
    32 define( "CMS_TPV_VERSION", "1.6.7");
     32define( "CMS_TPV_VERSION", "1.6.8");
    3333define( "CMS_TPV_NAME", "CMS Tree Page View");
    3434

  • cms-tree-page-view/trunk/readme.txt

    r2901738 r2902324  
    66Requires at least: 3.8
    77Tested up to: 6.2.0
    8 Stable tag: 1.6.7
     8Stable tag: 1.6.8
    99
    1010Adds a tree view of all pages & custom posts. Get a great overview + options to drag & drop to reorder & option to add multiple pages.
     
    118118== Changelog ==
    119119
     120= 1.6.8 (April 2023) =
     121
     122Refactor of changes made in 1.6.7 security release
     123
    120124= 1.6.7 (April 2023) =
    121125
Note: See TracChangeset for help on using the changeset viewer.