WordPress-Plugin-Template icon indicating copy to clipboard operation
WordPress-Plugin-Template copied to clipboard

Published 20 hours ago verified publisher icon hlashbrooke

Sanitize tabs

Open seezee opened this issue 5 years ago • 3 comments

In order to pass PHPCS, I've changed the following lines in Class _Settings:

334:	$current_section = $_POST['tab'];
	$current_section = sanitize_text_field( wp_unslash( $_POST['tab'] ) );
337:	$current_section = $_GET['tab'];
	$current_section = sanitize_text_field( wp_unslash( $_GET['tab'] ) );
409:	$tab .= $_GET['tab'];
	$tab .= sanitize_text_field( wp_unslash( $_GET['tab'] ) );

These fields should never contain HTML anyway so this seems a good way to handle this unless there's some edge case I haven't thought of.

I would open a pull request, but I'm still learning how to use version control and haven't figured out how to do that yet :-(

seezee avatar Jul 01 '19 17:07 seezee

@seezee would you like me to record a screencast, on how to create a PR, might be a useful learning experience for you?

jonathanbossenger avatar Jul 01 '19 17:07 jonathanbossenger

That would be awesome!

On 1Jul 2019, at 12:24 PM, Jonathan Bossenger [email protected] wrote:

@seezee https://github.com/seezee would you like me to record a screencast, on how to create a PR, might be a useful learning experience for you?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/hlashbrooke/WordPress-Plugin-Template/issues/81?email_source=notifications&email_token=AACGIXHG765MPMKKPSXUSJTP5I4TZA5CNFSM4H4UNA6KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODY6ZVXI#issuecomment-507353821, or mute the thread https://github.com/notifications/unsubscribe-auth/AACGIXGH5FL3AUNQKEULMCDP5I4TZANCNFSM4H4UNA6A.

seezee avatar Jul 01 '19 17:07 seezee

https://youtu.be/6044wDAIejo

jonathanbossenger avatar Jul 02 '19 13:07 jonathanbossenger