Escapes several echoed elements for better security.
parent
0aa9f41dfb
commit
10e37a8bc0
|
@ -1,6 +1,6 @@
|
||||||
<?php get_header(); ?>
|
<?php get_header(); ?>
|
||||||
|
|
||||||
<?php $view_mode = get_query_var( 'tainacan_collections_viewmode' ); ?>
|
<?php $view_mode = esc_attr(get_query_var( 'tainacan_collections_viewmode' )); ?>
|
||||||
|
|
||||||
<!-- Get the banner to display -->
|
<!-- Get the banner to display -->
|
||||||
<?php get_template_part( 'template-parts/bannerheader' ); ?>
|
<?php get_template_part( 'template-parts/bannerheader' ); ?>
|
||||||
|
@ -63,8 +63,8 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form role="search" class="ml-auto" method="get" id="tainacan-collection-search">
|
<form role="search" class="ml-auto" method="get" id="tainacan-collection-search">
|
||||||
<input type="hidden" name="orderby" value="<?php echo get_query_var( 'orderby' ); ?>" />
|
<input type="hidden" name="orderby" value="<?php echo esc_attr(get_query_var( 'orderby' )); ?>" />
|
||||||
<input type="hidden" name="order" value="<?php echo get_query_var( 'order' ); ?>" />
|
<input type="hidden" name="order" value="<?php echo esc_attr(get_query_var( 'order' )); ?>" />
|
||||||
<input type="hidden" name="tainacan_collections_viewmode" value="<?php echo $view_mode; ?>" />
|
<input type="hidden" name="tainacan_collections_viewmode" value="<?php echo $view_mode; ?>" />
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input class="form-control rounded-0" type="search" name="s" value="<?php echo get_query_var( 's' ); ?>" placeholder="<?php esc_attr_e( 'Search collections', 'tainacan-interface' ); ?>" />
|
<input class="form-control rounded-0" type="search" name="s" value="<?php echo get_query_var( 's' ); ?>" placeholder="<?php esc_attr_e( 'Search collections', 'tainacan-interface' ); ?>" />
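Review bot: The visible `name="s"` search input still echoes `get_query_var( 's' )` straight into its `value` attribute, although the `orderby` and `order` hidden inputs just above it were wrapped in `esc_attr()` in this same hunk. The search term comes from the request, so it needs the same attribute escaping: `value="<?php echo esc_attr( get_query_var( 's' ) ); ?>"`. In the first hunk `$view_mode` is escaped where it is assigned rather than where it is printed; escaping at the `echo` keeps the variable usable for comparisons and makes the output line self-evidently safe. The form continues past the end of the hunk, so other inputs may need the same check.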
|
||||||
|
|
|
@ -231,7 +231,11 @@
|
||||||
/* Links */
|
/* Links */
|
||||||
a { text-decoration: none; }
|
a { text-decoration: none; }
|
||||||
.has-text-color>a,
|
.has-text-color>a,
|
||||||
.has-text-color>a:hover {
|
.has-text-color>a:hover,
|
||||||
|
.has-text-color>a>strong,
|
||||||
|
.has-text-color>a:hover>strong,
|
||||||
|
.has-text-color>a>em,
|
||||||
|
.has-text-color>a:hover>em {
|
||||||
color: inherit;
|
color: inherit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -30,7 +30,7 @@ if ( post_password_required() ) {
|
||||||
<?php if ( is_user_logged_in() ) { ?>
|
<?php if ( is_user_logged_in() ) { ?>
|
||||||
<span class="text-oslo-gray authenticated ml-sm-3 d-none d-sm-block align-self-center">
|
<span class="text-oslo-gray authenticated ml-sm-3 d-none d-sm-block align-self-center">
|
||||||
<?php _e( 'Authenticated as:', 'tainacan-interface' );
|
<?php _e( 'Authenticated as:', 'tainacan-interface' );
|
||||||
echo ' <a href="' . get_author_posts_url( $current_user->ID ) . '">' . $current_user->display_name . '</a>'; ?>
|
echo ' <a href="' . esc_url(get_author_posts_url( $current_user->ID )) . '">' . $current_user->display_name . '</a>'; ?>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
</span>
|
</span>
|
||||||
</div>
|
</div>
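Review bot: `$current_user->display_name` is still concatenated into the link text unescaped on the line that gained `esc_url()` for the href. The display name is profile data a user can edit, so it should be escaped for HTML context: `. '">' . esc_html( $current_user->display_name ) . '</a>';`. Where `$current_user` is populated is outside the hunk.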
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -1,5 +1,5 @@
|
||||||
<?php if ( ! is_404() ) : ?>
|
<?php if ( ! is_404() ) : ?>
|
||||||
<footer class="container-fluid p-4 p-sm-5 mt-5 tainacan-footer <?php echo ('tainacan-footer-' . get_theme_mod( 'tainacan_footer_color', 'dark' )) ?>" style="padding-bottom: 0 !important;">
|
<footer class="container-fluid p-4 p-sm-5 mt-5 tainacan-footer <?php echo esc_attr( ('tainacan-footer-' . get_theme_mod( 'tainacan_footer_color', 'dark' )) ) ?>" style="padding-bottom: 0 !important;">
|
||||||
<?php if ( is_active_sidebar( 'tainacan-sidebar-footer' ) ) { ?>
|
<?php if ( is_active_sidebar( 'tainacan-sidebar-footer' ) ) { ?>
|
||||||
<div class="row tainacan-footer-widgets-area">
|
<div class="row tainacan-footer-widgets-area">
|
||||||
<ul class="col-12 col-lg pt-3 pb-3 pl-0 pr-0 d-lg-flex flex-wrap justify-content-xs-center mb-md-0">
|
<ul class="col-12 col-lg pt-3 pb-3 pl-0 pr-0 d-lg-flex flex-wrap justify-content-xs-center mb-md-0">
|
||||||
|
|
|
@ -98,7 +98,7 @@ function tainacan_interface_the_breadcrumb() {
|
||||||
echo $before . $str . $after;
|
echo $before . $str . $after;
|
||||||
} else {
|
} else {
|
||||||
if ( is_archive() ) {
|
if ( is_archive() ) {
|
||||||
$str = __( 'Collections', 'tainacan-interface' );
|
$str = __( 'Collections', 'tainacan-interface' ) . ' ';
|
||||||
} else {
|
} else {
|
||||||
$str = $post_type->labels->singular_name;
|
$str = $post_type->labels->singular_name;
|
||||||
}
|
}
|
||||||
|
|
|
@ -71,7 +71,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="default"
|
value="default"
|
||||||
name="<?php echo $this->tainacan_sections_layout; ?>"
|
name="<?php echo esc_attr($this->tainacan_sections_layout); ?>"
|
||||||
id="default" checked>
|
id="default" checked>
|
||||||
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_default.png" alt="<?php _e( 'Default', 'tainacan-interface' ); ?>" />
|
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_default.png" alt="<?php _e( 'Default', 'tainacan-interface' ); ?>" />
|
||||||
<?php _e( 'Default', 'tainacan-interface' ); ?>
|
<?php _e( 'Default', 'tainacan-interface' ); ?>
|
||||||
|
@ -81,7 +81,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="tabs"
|
value="tabs"
|
||||||
name="<?php echo $this->tainacan_sections_layout; ?>"
|
name="<?php echo esc_attr($this->tainacan_sections_layout); ?>"
|
||||||
id="tabs">
|
id="tabs">
|
||||||
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_tabs.png" alt="<?php _e( 'Tabs', 'tainacan-interface' ); ?>" />
|
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_tabs.png" alt="<?php _e( 'Tabs', 'tainacan-interface' ); ?>" />
|
||||||
<?php _e( 'Tabs', 'tainacan-interface' ); ?>
|
<?php _e( 'Tabs', 'tainacan-interface' ); ?>
|
||||||
|
@ -91,7 +91,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="collapses"
|
value="collapses"
|
||||||
name="<?php echo $this->tainacan_sections_layout; ?>"
|
name="<?php echo esc_attr($this->tainacan_sections_layout); ?>"
|
||||||
id="collapses">
|
id="collapses">
|
||||||
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_collapse.png" alt="<?php _e( 'Collapses', 'tainacan-interface' ); ?>" />
|
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_collapse.png" alt="<?php _e( 'Collapses', 'tainacan-interface' ); ?>" />
|
||||||
<?php _e( 'Collapses', 'tainacan-interface' ); ?>
|
<?php _e( 'Collapses', 'tainacan-interface' ); ?>
|
||||||
|
@ -101,7 +101,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="accordion"
|
value="accordion"
|
||||||
name="<?php echo $this->tainacan_sections_layout; ?>"
|
name="<?php echo esc_attr($this->tainacan_sections_layout); ?>"
|
||||||
id="accordion">
|
id="accordion">
|
||||||
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_accordion.png" alt="<?php _e( 'Accordion', 'tainacan-interface' ); ?>" />
|
<img src="<?php echo esc_url( get_template_directory_uri()); ?>/assets/images/section_accordion.png" alt="<?php _e( 'Accordion', 'tainacan-interface' ); ?>" />
|
||||||
<?php _e( 'Accordion', 'tainacan-interface' ); ?>
|
<?php _e( 'Accordion', 'tainacan-interface' ); ?>
|
||||||
|
@ -131,7 +131,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<div class="column is-one-third-desktop is-full-tablet is-one-third-mobile field tainacan-collection--change-color-picker">
|
<div class="column is-one-third-desktop is-full-tablet is-one-third-mobile field tainacan-collection--change-color-picker">
|
||||||
<label class="label"><?php _e( 'Background', 'tainacan-interface' ); ?></label>
|
<label class="label"><?php _e( 'Background', 'tainacan-interface' ); ?></label>
|
||||||
<div class="control is-clearfix">
|
<div class="control is-clearfix">
|
||||||
<input type="text" value="" id="colorpicker" name="<?php echo $this->tainacan_background_color; ?>">
|
<input type="text" value="" id="colorpicker" name="<?php echo esc_attr($this->tainacan_background_color); ?>">
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -142,7 +142,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="#fff"
|
value="#fff"
|
||||||
name="<?php echo $this->tainacan_text_color; ?>"
|
name="<?php echo esc_attr($this->tainacan_text_color); ?>"
|
||||||
id="white" checked>
|
id="white" checked>
|
||||||
<?php _e( 'White', 'tainacan-interface' ); ?>
|
<?php _e( 'White', 'tainacan-interface' ); ?>
|
||||||
</label>
|
</label>
|
||||||
|
@ -151,7 +151,7 @@ class TainacanInterfaceCollectionSettings {
|
||||||
<input
|
<input
|
||||||
type="radio"
|
type="radio"
|
||||||
value="#000"
|
value="#000"
|
||||||
name="<?php echo $this->tainacan_text_color; ?>"
|
name="<?php echo esc_attr($this->tainacan_text_color); ?>"
|
||||||
id="black">
|
id="black">
|
||||||
<?php _e( 'Black', 'tainacan-interface' ); ?>
|
<?php _e( 'Black', 'tainacan-interface' ); ?>
|
||||||
</label>
|
</label>
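Review bot: The `alt` attributes of the four section-layout preview images (the `-71`, `-81`, `-91` and `-101` hunks) still print their translations with `_e()`, while the `name` attributes next to them now go through `esc_attr()`. Translations are loaded from language files and land in attribute context here, so the matching call is `esc_attr_e( 'Default', 'tainacan-interface' )`, the same helper the collection search placeholder already uses. The label texts printed with `_e()` between the tags would likewise be `esc_html_e()`. The class properties used for the `name` values are defined outside these hunks.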
|
||||||
|
|
|
@ -328,8 +328,7 @@ function tainacan_color_scheme_css() {
|
||||||
|
|
||||||
$color_scheme_css = tainacan_get_color_scheme_css( $colors );
|
$color_scheme_css = tainacan_get_color_scheme_css( $colors );
|
||||||
|
|
||||||
echo '<style type="text/css" id="custom-theme-css">' .
|
echo '<style type="text/css" id="custom-theme-css">' . $color_scheme_css . '</style>';
|
||||||
$color_scheme_css . '</style>';
|
|
||||||
}
|
}
|
||||||
add_action( 'wp_head', 'tainacan_color_scheme_css' );
|
add_action( 'wp_head', 'tainacan_color_scheme_css' );
|
||||||
|
|
||||||
|
|
|
@ -14,12 +14,12 @@ function tainacan_comments_callback( $comment, $args, $depth ) {
|
||||||
$arg = array(
|
$arg = array(
|
||||||
'class' => 'img-fluid rounded-circle mr-sm-3',
|
'class' => 'img-fluid rounded-circle mr-sm-3',
|
||||||
);
|
);
|
||||||
echo get_avatar( $comment, 60, '', '', $arg );
|
echo wp_kses_post( get_avatar( $comment, 60, '', '', $arg ) );
|
||||||
?>
|
?>
|
||||||
<div class="media-body">
|
<div class="media-body">
|
||||||
<h5 class="media-heading comment-author vcard ml-2">
|
<h5 class="media-heading comment-author vcard ml-2">
|
||||||
<a href="<?php echo get_author_posts_url( $comment->user_id ); ?>" class="text-black font-weight-bold bypostauthor">
|
<a href="<?php echo esc_url(get_author_posts_url( $comment->user_id )); ?>" class="text-black font-weight-bold bypostauthor">
|
||||||
<?php comment_author( $comment->comment_ID ); ?>
|
<?php wp_kses_post( comment_author( $comment->comment_ID ) ); ?>
|
||||||
</a>
|
</a>
|
||||||
<p class="comment-time text-oslo-gray my-sm-1">
|
<p class="comment-time text-oslo-gray my-sm-1">
|
||||||
<?php
|
<?php
|
||||||
|
@ -37,21 +37,18 @@ function tainacan_comments_callback( $comment, $args, $depth ) {
|
||||||
<?php _e( 'Your comment is awaiting moderation.','tainacan-interface' ); ?>
|
<?php _e( 'Your comment is awaiting moderation.','tainacan-interface' ); ?>
|
||||||
</p>
|
</p>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<?php comment_text(); ?>
|
<?php wp_kses_post( comment_text() ); ?>
|
||||||
<?php comment_reply_link( array(
|
<?php wp_kses_post(
|
||||||
|
comment_reply_link( array(
|
||||||
'reply_text' => __( 'Reply', 'tainacan-interface' ),
|
'reply_text' => __( 'Reply', 'tainacan-interface' ),
|
||||||
'depth' => $depth,
|
'depth' => $depth,
|
||||||
'max_depth' => $args['max_depth'],
|
'max_depth' => $args['max_depth'],
|
||||||
'before' => '<li class="ml-2 reply-link list-inline-item mr-3 mt-2">',
|
'before' => '<li class="ml-2 reply-link list-inline-item mr-3 mt-2">',
|
||||||
'after' => '</li>',
|
'after' => '</li>',
|
||||||
));
|
))
|
||||||
edit_comment_link( __( 'Edit', 'tainacan-interface' ), '<li class="edit-link list-inline-item mr-3 mt-2">', '</li>' );
|
);
|
||||||
|
wp_kses_post( edit_comment_link( __( 'Edit', 'tainacan-interface' ), '<li class="edit-link list-inline-item mr-3 mt-2">', '</li>' ) );
|
||||||
?>
|
?>
|
||||||
<?php if ( $args['has_children'] ) : ?>
|
|
||||||
<p>
|
|
||||||
<!-- <a href="#comments" class="hideChild-comments"><i class="tainacan-icons align-top text-jelly-bean">arrow_drop_up</i><?php _e( 'Hide reply', 'tainacan-interface' ); ?></a> -->
|
|
||||||
</p>
|
|
||||||
<?php endif; ?>
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php }
|
<?php }
|
||||||
|
@ -112,7 +109,7 @@ if ( ! function_exists('tainacan_meta_date_author') ) {
|
||||||
$string = apply_filters( 'tainacan-meta-date-author', $string );
|
$string = apply_filters( 'tainacan-meta-date-author', $string );
|
||||||
|
|
||||||
if ( $echo ) {
|
if ( $echo ) {
|
||||||
echo $string;
|
echo wp_kses_post($string);
|
||||||
} else {
|
} else {
|
||||||
return $string;
|
return $string;
|
||||||
}
|
}
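Review bot: The `wp_kses_post()` calls wrapped around `comment_author()`, `comment_text()`, `comment_reply_link()` and `edit_comment_link()` filter nothing, because these template tags echo their output themselves and return no value; the markup is printed before `wp_kses_post()` runs and its result is discarded. The same pattern appears later in this commit on `get_search_form()` and on `tainacan_interface_the_breadcrumb()`, which, judging by the `echo` in its own hunk, also prints directly. Either drop the wrappers so the code does not suggest sanitisation that is not taking place, or use a returning variant and echo the filtered result, e.g. `<?php echo esc_html( get_comment_author( $comment->comment_ID ) ); ?>`. For the search form the plain `get_search_form();` call is the better choice, since passing a form through `wp_kses_post()` would likely strip its `<input>` elements. `tainacan_comments_callback` begins and ends outside these hunks.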
|
||||||
|
|
|
@ -20,9 +20,9 @@
|
||||||
?>
|
?>
|
||||||
<nav
|
<nav
|
||||||
style="min-height: <?php echo esc_attr(get_theme_mod('tainacan_header_min_height', 50)) ?>px;"
|
style="min-height: <?php echo esc_attr(get_theme_mod('tainacan_header_min_height', 50)) ?>px;"
|
||||||
class="navbar navbar-expand-md navbar-light bg-white menu-shadow px-0 navbar--border-bottom <?php echo 'tainacan-header-layout--' . get_theme_mod('tainacan_header_alignment_options', 'default'); ?>">
|
class="navbar navbar-expand-md navbar-light bg-white menu-shadow px-0 navbar--border-bottom <?php echo 'tainacan-header-layout--' . esc_attr(get_theme_mod('tainacan_header_alignment_options', 'default')); ?>">
|
||||||
<div class="container-fluid max-large px-0 margin-one-column" id="topNavbar">
|
<div class="container-fluid max-large px-0 margin-one-column" id="topNavbar">
|
||||||
<?php echo tainacan_get_logo(); ?>
|
<?php echo wp_kses_post(tainacan_get_logo()); ?>
|
||||||
|
|
||||||
<div class="navbar-box">
|
<div class="navbar-box">
|
||||||
<?php if ( has_nav_menu( 'navMenubelowHeader' ) ) : ?>
|
<?php if ( has_nav_menu( 'navMenubelowHeader' ) ) : ?>
|
||||||
|
@ -56,7 +56,7 @@
|
||||||
<i class="tainacan-icon tainacan-icon-close"></i>
|
<i class="tainacan-icon tainacan-icon-close"></i>
|
||||||
</button>
|
</button>
|
||||||
<div class="dropdown-menu" aria-labelledby="dropdownMenuLink">
|
<div class="dropdown-menu" aria-labelledby="dropdownMenuLink">
|
||||||
<?php get_search_form(); ?>
|
<?php wp_kses_post(get_search_form()); ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
@ -69,5 +69,5 @@
|
||||||
<a href="javascript:" id="return-to-top" style="<?php echo (get_theme_mod( 'tainacan_footer_color', 'dark' ) == 'colored' ? 'background-color: #2c2d2d;' : '') ?>"><i class="tainacan-icon tainacan-icon-arrowup"></i></a>
|
<a href="javascript:" id="return-to-top" style="<?php echo (get_theme_mod( 'tainacan_footer_color', 'dark' ) == 'colored' ? 'background-color: #2c2d2d;' : '') ?>"><i class="tainacan-icon tainacan-icon-arrowup"></i></a>
|
||||||
|
|
||||||
<?php if ( !is_page_template( 'page-templates/landing.php' ) ) : ?>
|
<?php if ( !is_page_template( 'page-templates/landing.php' ) ) : ?>
|
||||||
<?php tainacan_interface_the_breadcrumb(); ?>
|
<?php wp_kses_post( tainacan_interface_the_breadcrumb() ); ?>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
Binary file not shown.
Before Width: | Height: | Size: 1.0 MiB After Width: | Height: | Size: 310 KiB |
|
@ -13,7 +13,7 @@
|
||||||
<div class="metadata-title">
|
<div class="metadata-title">
|
||||||
<p><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></p>
|
<p><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></p>
|
||||||
<?php if ( $is_slideshow_available ) : ?>
|
<?php if ( $is_slideshow_available ) : ?>
|
||||||
<a href="?<?php echo $_SERVER['QUERY_STRING'] ?>&slideshow-from=<?php echo $item_index ?>" class="icon slideshow-icon">
|
<a href="<?php echo esc_url('?' . $_SERVER['QUERY_STRING'] . '&slideshow-from=' . $item_index ); ?>" class="icon slideshow-icon">
|
||||||
<i class="tainacan-icon tainacan-icon-viewgallery tainacan-icon-1-125em"></i>
|
<i class="tainacan-icon tainacan-icon-viewgallery tainacan-icon-1-125em"></i>
|
||||||
</a>
|
</a>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
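Review bot: The slideshow link is still assembled by hand from `$_SERVER['QUERY_STRING']`; `esc_url()` makes the result safe for the attribute, but the index may be undefined in some server setups and an existing `slideshow-from` parameter is duplicated rather than replaced. `esc_url( add_query_arg( 'slideshow-from', $item_index ) )` builds the link from the current request URL, overwrites any earlier value of the parameter, and keeps the escaping at the point of output. `$item_index` and `$is_slideshow_available` are set outside the hunk.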
|
||||||
|
|
|
@ -38,15 +38,15 @@
|
||||||
|
|
||||||
<div id="item-single-navigation" class="d-flex align-items-center justify-center">
|
<div id="item-single-navigation" class="d-flex align-items-center justify-center">
|
||||||
<div class="pagination">
|
<div class="pagination">
|
||||||
<?php echo $previous; ?>
|
<?php echo wp_kses_post($previous); ?>
|
||||||
</div>
|
</div>
|
||||||
<div class="pagination">
|
<div class="pagination">
|
||||||
<?php echo $next; ?>
|
<?php echo wp_kses_post($next); ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div style="margin: 0 4.1666667%" class="pagination">
|
<div style="margin: 0 4.1666667%" class="pagination">
|
||||||
<a class="d-inline-flex align-items-center" href="<?php echo tainacan_get_source_item_list_url(); ?>">
|
<a class="d-inline-flex align-items-center" href="<?php echo esc_url(tainacan_get_source_item_list_url()); ?>">
|
||||||
<i class="tainacan-icon tainacan-icon-viewtable tainacan-icon-1-25em"></i> <span><?php echo __('Back to items list', 'tainacan-interface') ?></span>
|
<i class="tainacan-icon tainacan-icon-viewtable tainacan-icon-1-25em"></i> <span><?php echo __('Back to items list', 'tainacan-interface') ?></span>
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
|
|