Changeset 3359404
- Timestamp:
- 09/10/2025 07:02:20 PM (7 months ago)
- Location:
- appointmind/trunk
- Files:
-
- 2 edited
-
appointmind.php (modified) (2 diffs)
-
readme.txt (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
appointmind/trunk/appointmind.php
r3170323 r3359404 165 165 if (!empty($attributes['id'])) { 166 166 if (empty($appointmindUrlParameters)) { 167 $appointmindUrlParameters = '?cap=' . $attributes['id'];167 $appointmindUrlParameters = '?cap=' . esc_attr($attributes['id']); 168 168 } else { 169 $appointmindUrlParameters .= '&cap=' . $attributes['id'];169 $appointmindUrlParameters .= '&cap=' . esc_attr($attributes['id']); 170 170 } 171 171 } 172 172 if (!empty($attributes['reason'])) { 173 173 if (empty($appointmindUrlParameters)) { 174 $appointmindUrlParameters = '?reason=' . $attributes['reason'];174 $appointmindUrlParameters = '?reason=' . esc_attr($attributes['reason']); 175 175 } else { 176 $appointmindUrlParameters .= '&reason=' . $attributes['reason'];176 $appointmindUrlParameters .= '&reason=' . esc_attr($attributes['reason']); 177 177 } 178 178 } 179 179 if (!empty($attributes['language'])) { 180 180 if (empty($appointmindUrlParameters)) { 181 $appointmindUrlParameters = '?select_lang=' . $attributes['language']. '_utf8';181 $appointmindUrlParameters = '?select_lang=' . esc_attr($attributes['language']) . '_utf8'; 182 182 } else { 183 $appointmindUrlParameters .= '&select_lang=' . $attributes['language']. '_utf8';183 $appointmindUrlParameters .= '&select_lang=' . esc_attr($attributes['language']) . '_utf8'; 184 184 } 185 185 } … … 228 228 } 229 229 230 $formType = trim($attributes['form']);230 $formType = esc_attr(trim($attributes['form'])); 231 231 232 232 $calendarContent = ''; -
appointmind/trunk/readme.txt
r3268410 r3359404 20 20 21 21 == Changelog == 22 23 = 4.2.0 = 24 25 Escape user input 22 26 23 27 = 4.1.0 =
Note: See TracChangeset
for help on using the changeset viewer.