
Changeset 2746625


Timestamp:
06/22/2022 07:08:23 PM (4 years ago)
Author:
grimmdude
Message:

More sanitizing

Location:
sharebar
Files:
2 edited

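--- a/sharebar/tags/1.4.3/sharebar-admin.php
+++ b/sharebar/tags/1.4.3/sharebar-admin.php
@@ -49,5 +49,5 @@
         $binaries = array("auto_posts","auto_pages","horizontal","credit");
         foreach($binaries as $binary) $_POST[$binary] = isset($_POST[$binary]) ? 1:0;
-        $_POST['width'] = $_POST['width'] ? $_POST['width']:1000;
+        $_POST['width'] = $_POST['width'] ? (int) $_POST['width']:1000;
         sharebar_settings($_POST);
         foreach($sharebar_options as $option) $$option = get_option('sharebar_'.$option);
@@ -55,8 +55,8 @@
         check_admin_referer( 'wp_sharebar_update_all' );
         $buttons = $_POST['buttons'];
-        $uptask = $_POST['update-task'];
+        $uptask = sanitize_text_field($_POST['update-task']);
         if($buttons){
             foreach ($buttons as $button)
-                sharebar_update_button($button,$uptask);
+                sharebar_update_button((int) $button,$uptask);
             $status = "Buttons have been ".esc_html($uptask)."d";
         }else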
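Review bot: `$uptask` on new line 57 is cleaned with `sanitize_text_field()` but never checked against the set of tasks the plugin supports, so any submitted string still reaches `sharebar_update_button()`, whose body is not visible here. An allow-list is the stronger control, for example `if ( ! in_array( $uptask, $allowed_tasks, true ) ) wp_die( 'Invalid task' );`, where `$allowed_tasks` is a placeholder for the plugin's real task names. `$_POST['buttons']` on line 56 is also read without `isset()` and iterated without confirming it is an array; `$buttons = isset( $_POST['buttons'] ) ? array_map( 'absint', (array) $_POST['buttons'] ) : array();` would cover both and make the per-item cast on line 60 unnecessary. The same lines appear in the sharebar/trunk section, and the enclosing block starts and ends outside the hunk.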
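--- a/sharebar/trunk/sharebar-admin.php
+++ b/sharebar/trunk/sharebar-admin.php
@@ -49,5 +49,5 @@
         $binaries = array("auto_posts","auto_pages","horizontal","credit");
         foreach($binaries as $binary) $_POST[$binary] = isset($_POST[$binary]) ? 1:0;
-        $_POST['width'] = $_POST['width'] ? $_POST['width']:1000;
+        $_POST['width'] = $_POST['width'] ? (int) $_POST['width']:1000;
         sharebar_settings($_POST);
         foreach($sharebar_options as $option) $$option = get_option('sharebar_'.$option);
@@ -55,8 +55,8 @@
         check_admin_referer( 'wp_sharebar_update_all' );
         $buttons = $_POST['buttons'];
-        $uptask = $_POST['update-task'];
+        $uptask = sanitize_text_field($_POST['update-task']);
         if($buttons){
             foreach ($buttons as $button)
-                sharebar_update_button($button,$uptask);
+                sharebar_update_button((int) $button,$uptask);
             $status = "Buttons have been ".esc_html($uptask)."d";
         }else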
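Review bot: The `(int)` cast on new line 51 still accepts negative widths and reads `$_POST['width']` without an `isset()` guard, which raises a notice when the field is absent; `$_POST['width'] = ! empty( $_POST['width'] ) ? absint( $_POST['width'] ) : 1000;` handles both. The whole `$_POST` array is then passed to `sharebar_settings()` on line 52, so unless that function (not visible here) selects known keys and sanitizes each one, the remaining fields are stored as submitted. No nonce or capability check is visible ahead of this settings branch within the hunk, though one may sit above line 49. The identical lines in the sharebar/tags/1.4.3 section have the same gap.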