Properly sanitization for wc_make_phone_clickable() and fixed coding standards
Closes #14659
This commit is contained in:
parent
f65005be41
commit
6c42f3c16a
|
@ -299,16 +299,13 @@ class WC_Meta_Box_Order_Data {
|
|||
$field_value = $order->get_meta( '_' . $field_name );
|
||||
}
|
||||
|
||||
switch ( $field_name ) {
|
||||
case 'billing_phone' :
|
||||
$field_value = wc_make_phone_clickable( esc_html( $field_value ) );
|
||||
break;
|
||||
default :
|
||||
$field_value = make_clickable( esc_html( $field_value ) );
|
||||
break;
|
||||
}
|
||||
if ( 'billing_phone' === $field_name ) {
|
||||
$field_value = wc_make_phone_clickable( $field_value );
|
||||
} else {
|
||||
$field_value = make_clickable( esc_html( $field_value ) );
|
||||
}
|
||||
|
||||
echo '<p><strong>' . esc_html( $field['label'] ) . ':</strong> ' . $field_value . '</p>';
|
||||
echo '<p><strong>' . esc_html( $field['label'] ) . ':</strong> ' . wp_kses_post( $field_value ) . '</p>';
|
||||
}
|
||||
|
||||
echo '</div>';
|
||||
|
|
|
@ -1633,12 +1633,16 @@ function wc_get_permalink_structure() {
|
|||
/**
|
||||
* Convert plaintext phone number to clickable phone number.
|
||||
*
|
||||
* @since 3.0.0
|
||||
* Remove formatting and allow "+".
|
||||
* Example and specs: https://developer.mozilla.org/en/docs/Web/HTML/Element/a#Creating_a_phone_link
|
||||
*
|
||||
* @param string $text Content to convert phone number.
|
||||
* @since 3.1.0
|
||||
*
|
||||
* @param string $phone Content to convert phone number.
|
||||
* @return string Content with converted phone number.
|
||||
*/
|
||||
function wc_make_phone_clickable( $text ) {
|
||||
$phone = trim ( preg_replace( '/[\s\-\+\(\)]/', '', $text ) );
|
||||
return "<a href=\"tel:$phone\">$text</a>";
|
||||
function wc_make_phone_clickable( $phone ) {
|
||||
$number = trim( preg_replace( '/[^\d|\+]/', '', $phone ) );
|
||||
|
||||
return '<a href="tel:' . esc_attr( $number ) . '">' . esc_html( $phone ) . '</a>';
|
||||
}
|
Loading…
Reference in New Issue