Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

sanitize user inputs

This commit is contained in:
splashingpixels 2015-01-19 09:07:57 -08:00
parent 3c625f1ad4
commit 0b53ceef7a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
includes/class-wc-shortcodes.php
View File

@ -797,7 +797,7 @@ class WC_Shortcodes {
if ( isset( $atts['sku'] ) ) {
$args['meta_query'][] = array(
'key' => '_sku',
'value' => $atts['sku'],
'value' => sanitize_text_field( $atts['sku'] ),
'compare' => '='
);
@ -805,7 +805,7 @@ class WC_Shortcodes {
}
if ( isset( $atts['id'] ) ) {
$args['p'] = $atts['id'];
$args['p'] = absint( $atts['id'] );
}
$single_product = new WP_Query( $args );
@ -838,7 +838,7 @@ class WC_Shortcodes {
var $variations_form = $( '[data-product-page-preselected-id="<?php echo esc_attr( $preselected_id ); ?>"]' ).find( 'form.variations_form' );
<?php foreach( $attributes as $attr => $value ) { ?>
$variations_form.find( 'select[name="<?php echo $attr; ?>"]' ).val( '<?php echo $value; ?>' );
$variations_form.find( 'select[name="<?php echo esc_attr( $attr ); ?>"]' ).val( '<?php echo $value; ?>' );
<?php } ?>
});
</script>