More esc_attr() on text inputs

Mark Jaquith 2011-09-24 13:13:41 +08:00 committed by Mark Jaquith
parent 66bcf34f23
commit 43d9c41d59
3 changed files with 6 additions and 6 deletions


@ -49,7 +49,7 @@ function woocommerce_coupon_data_meta_box($post) {
$field = array( 'id' => 'coupon_amount', 'label' => __('Coupon amount', 'woothemes') );
echo '<p class="form-field">
<label for="'.$field['id'].'">'.$field['label'].':</label>
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.$value.'" /> <span class="description">' . __('Enter an amount e.g. 2.99 or an integer for percentages e.g. 20', 'woothemes') . '</span></p>';
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.esc_attr( $value ).'" /> <span class="description">' . __('Enter an amount e.g. 2.99 or an integer for percentages e.g. 20', 'woothemes') . '</span></p>';
// Individual use
$value = get_post_meta($post->ID, 'individual_use', true);
@ -65,21 +65,21 @@ function woocommerce_coupon_data_meta_box($post) {
$field = array( 'id' => 'product_ids', 'label' => __('Product IDs', 'woothemes') );
echo '<p class="form-field">
<label for="'.$field['id'].'">'.$field['label'].':</label>
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.$value.'" /> <span class="description">' . __('(optional) Comma separate product IDs which are required for this coupon to work', 'woothemes') . '</span></p>';
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.esc_attr( $value ).'" /> <span class="description">' . __('(optional) Comma separate product IDs which are required for this coupon to work', 'woothemes') . '</span></p>';
// Usage limit
$value = get_post_meta($post->ID, 'usage_limit', true);
$field = array( 'id' => 'usage_limit', 'label' => __('Usage limit', 'woothemes') );
echo '<p class="form-field">
<label for="'.$field['id'].'">'.$field['label'].':</label>
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.$value.'" /> <span class="description">' . __('(optional) How many times this coupon can be used before it is void', 'woothemes') . '</span></p>';
<input type="text" class="short" name="'.$field['id'].'" id="'.$field['id'].'" value="'.esc_attr( $value ).'" /> <span class="description">' . __('(optional) How many times this coupon can be used before it is void', 'woothemes') . '</span></p>';
// Expiry date
$value = get_post_meta($post->ID, 'expiry_date', true);
$field = array( 'id' => 'expiry_date', 'label' => __('Expiry date', 'woothemes') );
echo '<p class="form-field">
<label for="'.$field['id'].'">'.$field['label'].':</label>
<input type="text" class="short date-picker" name="'.$field['id'].'" id="'.$field['id'].'" value="'.$value.'" /> <span class="description">' . __('(optional) The date this coupon will expire, <code>YYYY-MM-DD</code>', 'woothemes') . '</span></p>';
<input type="text" class="short date-picker" name="'.$field['id'].'" id="'.$field['id'].'" value="'.esc_attr( $value ).'" /> <span class="description">' . __('(optional) The date this coupon will expire, <code>YYYY-MM-DD</code>', 'woothemes') . '</span></p>';
?>
</div>
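Review bot: The `<label>` text in each of these fields is still echoed unescaped: `$field['label']` comes straight from `__()`, so any markup in a translation file would be rendered in the admin screen. Building the label with `esc_html__()` instead, e.g. `'label' => esc_html__('Coupon amount', 'woothemes')`, covers that for all four fields touched here. The description strings need different handling because the expiry-date one deliberately contains `<code>`; an allow-list filter such as `wp_kses()` would fit there. woocommerce_coupon_data_meta_box starts before the first hunk and continues past the second.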


@ -172,7 +172,7 @@ function woocommerce_order_items_meta_box($post) {
<tbody class="meta_items">
<?php
if (isset($item['item_meta']) && is_array($item['item_meta'])) foreach ($item['item_meta'] as $key => $value) :
echo '<tr><td><input type="text" name="meta_name['.$loop.'][]" value="'.$key.'" /></td><td><input type="text" name="meta_value['.$loop.'][]" value="'.$value.'" /></td><td><button class="remove_meta button">&times;</button></td></tr>';
echo '<tr><td><input type="text" name="meta_name['.$loop.'][]" value="'.$key.'" /></td><td><input type="text" name="meta_value['.$loop.'][]" value="'.esc_attr( $value ).'" /></td><td><button class="remove_meta button">&times;</button></td></tr>';
endforeach;
?>
</tbody>
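Review bot: The meta name on the changed line is still printed raw: `value="'.$key.'"` sits beside the newly escaped `$value`, and the key comes from the same stored `item_meta` array, so a key containing a quote character would end the attribute early. Escape it the same way, `value="'.esc_attr( $key ).'"`. The PayPal form hunk has the same gap in `name="'.$key.'"`, and `action="'.$paypal_adr.'"` there is also unescaped; if that variable holds a URL, as its name suggests, `esc_url()` would be the matching call. The enclosing function begins and ends outside this hunk.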


@ -214,7 +214,7 @@ class woocommerce_paypal extends woocommerce_payment_gateway {
$paypal_args_array = array();
foreach ($paypal_args as $key => $value) {
$paypal_args_array[] = '<input type="hidden" name="'.$key.'" value="'.$value.'" />';
$paypal_args_array[] = '<input type="hidden" name="'.$key.'" value="'.esc_attr( $value ).'" />';
}
return '<form action="'.$paypal_adr.'" method="post" id="paypal_payment_form">