WordPress.org
Get WordPress

Plugin Directory

Changeset 3412379


Ignore:
Timestamp:
12/05/2025 03:52:24 PM (8 days ago)
Author:
bastho
Message:

Escape outputs in meta boxes

Location:
event-post/trunk/views/admin
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • event-post/trunk/views/admin/custombox-date.php

    r3412367 r3412379  
    1515        <option value=""></option>
    1616        <?php foreach ($this->statuses as $status_name => $status_label): ?>
    17           <option value="<?php echo esc_attr($status_name); ?>" <?php selected($status_name, $event->status, true); ?>><?php esc_attr_e($status_label); ?></option>
     17          <option value="<?php echo esc_attr($status_name); ?>" <?php selected($status_name, $event->status, true); ?>><?php echo esc_html($status_label); ?></option>
    1818      <?php endforeach; ?>
    1919      </select>
     
    2323    <label>
    2424      <input type="checkbox" id="event-post-date-all-day" <?php checked( $event->time_start && $event->time_end && date('H:i:s', $event->time_start) == '00:00:00' && date('H:i:s', $event->time_end) == '00:00:00', true, true); ?>>
    25       <?php echo esc_html__('All day event', 'event-post') ?>
     25      <?php esc_html_e('All day event', 'event-post') ?>
    2626    </label>
    2727  </p>
     
    3030    <label for="<?php echo esc_attr($this->META_START); ?>_date">
    3131        <?php esc_attr_e('Begin:', 'event-post') ?>
    32         <span id="<?php esc_attr_e($this->META_START); ?>_date_human" class="human_date">
     32        <span id="<?php echo esc_attr($this->META_START); ?>_date_human" class="human_date">
    3333            <?php
    3434          if ($event->time_start != '') {
     
    5757            ?>
    5858          </span>
    59       <input type="<?php esc_attr_e($this->settings['datepicker']=='browser'?'datetime':''); ?>" class="eventpost-datepicker-<?php esc_attr_e($this->settings['datepicker']); ?>" data-lang="<?php esc_attr_e($language); ?>"  value ="<?php esc_attr_e(substr($end_date,0,16)) ?>" name="<?php esc_attr_e($this->META_END); ?>" id="<?php esc_attr_e($this->META_END); ?>_date"/>
     59      <input type="<?php echo esc_attr($this->settings['datepicker']=='browser'?'datetime':''); ?>" class="eventpost-datepicker-<?php echo esc_attr($this->settings['datepicker']); ?>" data-lang="<?php echo esc_attr($language); ?>"  value ="<?php echo esc_attr(substr($end_date,0,16)) ?>" name="<?php echo esc_attr($this->META_END); ?>" id="<?php echo esc_attr($this->META_END); ?>_date"/>
    6060    </label>
    6161  </p>

  • event-post/trunk/views/admin/custombox-location.php

    r3368287 r3412379  
    99?>
    1010 <div>
    11   <label for="<?php esc_attr_e($this->META_ATTENDANCE_MODE); ?>">
    12     <?php esc_attr_e('Attendance Mode:', 'event-post') ?>
    13     <select name="<?php esc_attr_e($this->META_ATTENDANCE_MODE); ?>" id="<?php esc_attr_e($this->META_ATTENDANCE_MODE); ?>">
     11  <label for="<?php echo esc_attr($this->META_ATTENDANCE_MODE); ?>">
     12    <?php esc_html_e('Attendance Mode:', 'event-post') ?>
     13    <select name="<?php echo esc_attr($this->META_ATTENDANCE_MODE); ?>" id="<?php echo esc_attr($this->META_ATTENDANCE_MODE); ?>">
    1414      <option value=""></option>
    1515      <?php foreach ($this->attendance_modes as $mode_name => $mode_label): ?>
    16         <option value="<?php esc_attr_e($mode_name); ?>" <?php selected($mode_name, $event->attendance_mode, true); ?>><?php esc_attr_e($mode_label); ?></option>
     16        <option value="<?php echo esc_attr($mode_name); ?>" <?php selected($mode_name, $event->attendance_mode, true); ?>><?php echo esc_html($mode_label); ?></option>
    1717    <?php endforeach; ?>
    1818    </select>
     
    2121<div class="eventpost-misc-pub-section eventpost-location-type-online">
    2222  <p>
    23     <label for="<?php esc_attr_e($this->META_VIRTUAL_LOCATION); ?>">
    24     <?php esc_attr_e('Virtual Location:', 'event-post') ?>
    25       <input type="url" value ="<?php esc_attr_e($event->virtual_location); ?>" name="<?php esc_attr_e($this->META_VIRTUAL_LOCATION); ?>" id="<?php esc_attr_e($this->META_VIRTUAL_LOCATION); ?>" class="widefat"/>
     23    <label for="<?php echo esc_attr($this->META_VIRTUAL_LOCATION); ?>">
     24    <?php esc_html_e('Virtual Location:', 'event-post') ?>
     25      <input type="url" value ="<?php echo esc_attr($event->virtual_location); ?>" name="<?php echo esc_attr($this->META_VIRTUAL_LOCATION); ?>" id="<?php echo esc_attr($this->META_VIRTUAL_LOCATION); ?>" class="widefat"/>
    2626    </label>
    2727  </p>
     
    2929
    3030<div class="eventpost-misc-pub-section eventpost-location-type-offline">
    31   <label for="<?php esc_attr_e($this->META_ADD); ?>">
    32 <?php esc_attr_e('Address, as it will be displayed:', 'event-post') ?>
    33     <textarea name="<?php esc_attr_e($this->META_ADD); ?>" id="<?php esc_attr_e($this->META_ADD); ?>" class="widefat"><?php esc_attr_e($event->address); ?></textarea>
     31  <label for="<?php echo esc_attr($this->META_ADD); ?>">
     32<?php esc_html_e('Address, as it will be displayed:', 'event-post') ?>
     33    <textarea name="<?php echo esc_attr($this->META_ADD); ?>" id="<?php echo esc_attr($this->META_ADD); ?>" class="widefat"><?php echo esc_html($event->address); ?></textarea>
    3434  </label>
    3535</div>
     
    3737<div id="event_address_searchwrap" class="eventpost-location-type-offline">
    3838  <span class="dashicons dashicons-location eventpost-edit-icon"></span>
    39   <?php esc_attr_e('GPS coordinates:', 'event-post') ?>
    40   <a id="event_address_search" title="<?php _e('Search or fill exact coordinates', 'event-post') ?>">
    41     <?php _e('Search / Edit', 'event-post') ?>
     39  <?php esc_html_e('GPS coordinates:', 'event-post') ?>
     40  <a id="event_address_search" title="<?php esc_attr_e('Search or fill exact coordinates', 'event-post') ?>">
     41    <?php esc_html_e('Search / Edit', 'event-post') ?>
    4242  </a>
    4343
     
    4646      <span id="eventaddress_result"></span>
    4747    </p>
    48     <label for="<?php esc_attr_e($this->META_LAT); ?>">
    49   <?php esc_attr_e('Latitude:', 'event-post') ?>
    50       <input type="text" value ="<?php esc_attr_e($event->lat); ?>" name="<?php esc_attr_e($this->META_LAT); ?>" id="<?php esc_attr_e($this->META_LAT); ?>" class="widefat"/>
     48    <label for="<?php echo esc_attr($this->META_LAT); ?>">
     49      <?php esc_html_e('Latitude:', 'event-post') ?>
     50      <input type="text" value ="<?php echo esc_attr($event->lat); ?>" name="<?php echo esc_attr($this->META_LAT); ?>" id="<?php echo esc_attr($this->META_LAT); ?>" class="widefat"/>
    5151    </label>
    5252
    53     <label for="<?php esc_attr_e($this->META_LONG); ?>">
    54   <?php esc_attr_e('Longitude:', 'event-post') ?>
    55       <input type="text" value ="<?php esc_attr_e($event->long); ?>" name="<?php esc_attr_e($this->META_LONG); ?>" id="<?php esc_attr_e($this->META_LONG); ?>" class="widefat"/>
     53    <label for="<?php echo esc_attr($this->META_LONG); ?>">
     54      <?php esc_html_e('Longitude:', 'event-post') ?>
     55      <input type="text" value ="<?php echo esc_attr($event->long); ?>" name="<?php echo esc_attr($this->META_LONG); ?>" id="<?php echo esc_attr($this->META_LONG); ?>" class="widefat"/>
    5656    </label>
    5757    <p>
    5858      <a id="event_address_unsearch" class="button button-small">
    5959        <span class="dashicons dashicons-yes"></span>
    60         <?php esc_attr_e('Done', 'event-post') ?>
     60        <?php esc_html_e('Done', 'event-post') ?>
    6161      </a>
    6262    </p>
     
    6565
    6666<div class="eventpost-misc-pub-section eventpost-location-type-offline" id="event-post-map-preview-wrapper">
    67   <div id="event-post-map-preview" data-marker="<?php esc_attr_e($this->get_marker($event->color)); ?>"></div>
     67  <div id="event-post-map-preview" data-marker="<?php echo esc_attr($this->get_marker($event->color)); ?>"></div>
    6868</div>
Note: See TracChangeset for help on using the changeset viewer.