Fix invoice escaping
This commit is contained in:
parent
ace541910d
commit
3b57bf7051
|
@ -602,7 +602,6 @@ class WC_Email extends WC_Settings_API {
|
||||||
|
|
||||||
$message = apply_filters( 'woocommerce_mail_content', $this->style_inline( $message ) );
|
$message = apply_filters( 'woocommerce_mail_content', $this->style_inline( $message ) );
|
||||||
$return = wp_mail( $to, $subject, $message, $headers, $attachments );
|
$return = wp_mail( $to, $subject, $message, $headers, $attachments );
|
||||||
|
|
||||||
remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
|
remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
|
||||||
remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
|
remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
|
||||||
remove_filter( 'wp_mail_content_type', array( $this, 'get_content_type' ) );
|
remove_filter( 'wp_mail_content_type', array( $this, 'get_content_type' ) );
|
||||||
|
|
|
@ -27,7 +27,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
||||||
do_action( 'woocommerce_email_header', $email_heading, $email ); ?>
|
do_action( 'woocommerce_email_header', $email_heading, $email ); ?>
|
||||||
|
|
||||||
<?php /* translators: %s: Customer first name */ ?>
|
<?php /* translators: %s: Customer first name */ ?>
|
||||||
<p><?php printf( __( 'Hi %s,', 'woocommerce' ), $order->get_billing_first_name() ); ?></p><?php // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped ?>
|
<p><?php printf( esc_html__( 'Hi %s,', 'woocommerce' ), esc_html( $order->get_billing_first_name() ) ); ?></p>
|
||||||
|
|
||||||
<?php if ( $order->has_status( 'pending' ) ) { ?>
|
<?php if ( $order->has_status( 'pending' ) ) { ?>
|
||||||
<p>
|
<p>
|
||||||
|
@ -85,7 +85,7 @@ do_action( 'woocommerce_email_customer_details', $order, $sent_to_admin, $plain_
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<p>
|
<p>
|
||||||
<?php _e( 'Have a great day.', 'woocommerce' ); // phpcs:ignore WordPress.XSS.EscapeOutput ?>
|
<?php esc_html_e( 'Have a great day.', 'woocommerce' ); ?>
|
||||||
</p>
|
</p>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
|
|
@ -22,10 +22,10 @@ if ( ! defined( 'ABSPATH' ) ) {
|
||||||
echo '= ' . esc_html( $email_heading ) . " =\n\n";
|
echo '= ' . esc_html( $email_heading ) . " =\n\n";
|
||||||
|
|
||||||
/* translators: %s: Customer first name */
|
/* translators: %s: Customer first name */
|
||||||
printf( __( 'Hi %s,', 'woocommerce' ), $order->get_billing_first_name() ) . "\n\n"; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
|
echo sprintf( esc_html__( 'Hi %s,', 'woocommerce' ), esc_html( $order->get_billing_first_name() ) ) . "\n\n";
|
||||||
|
|
||||||
if ( $order->has_status( 'pending' ) ) {
|
if ( $order->has_status( 'pending' ) ) {
|
||||||
printf(
|
echo sprintf(
|
||||||
wp_kses(
|
wp_kses(
|
||||||
/* translators: %1$s Site title, %2$s Order pay link */
|
/* translators: %1$s Site title, %2$s Order pay link */
|
||||||
__( 'An order has been created for you on %1$s. Your invoice is below, with a link to make payment when you’re ready: %1$s', 'woocommerce' ),
|
__( 'An order has been created for you on %1$s. Your invoice is below, with a link to make payment when you’re ready: %1$s', 'woocommerce' ),
|
||||||
|
@ -41,9 +41,8 @@ if ( $order->has_status( 'pending' ) ) {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
/* translators: %s Order date */
|
/* translators: %s Order date */
|
||||||
printf( __( 'Here are the details of your order placed on %s:', 'woocommerce' ), wc_format_datetime( $this->object->get_date_created() ) ) . "\n\n"; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
|
echo sprintf( esc_html__( 'Here are the details of your order placed on %s:', 'woocommerce' ), esc_html( wc_format_datetime( $this->object->get_date_created() ) ) ) . "\n\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
echo "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n\n";
|
echo "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n\n";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -73,7 +72,7 @@ do_action( 'woocommerce_email_order_meta', $order, $sent_to_admin, $plain_text,
|
||||||
*/
|
*/
|
||||||
do_action( 'woocommerce_email_customer_details', $order, $sent_to_admin, $plain_text, $email );
|
do_action( 'woocommerce_email_customer_details', $order, $sent_to_admin, $plain_text, $email );
|
||||||
|
|
||||||
_e( 'Have a great day.', 'woocommerce' ); // phpcs:ignore WordPress.XSS.EscapeOutput
|
echo esc_html__( 'Have a great day.', 'woocommerce' ) . "\n\n";
|
||||||
|
|
||||||
echo "\n=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n\n";
|
echo "\n=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n\n";
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue