Remove overzealous escaping
This commit is contained in:
David Stone
@ -108,7 +108,7 @@
|
||||
|
||||
<div class="inside">
|
||||
|
||||
<?php echo wp_kses_post($content); ?>
|
||||
<?php echo $content; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@ -61,7 +61,7 @@
|
||||
<td>
|
||||
<?php echo esc_html($form->signup_form); ?>
|
||||
<?php if ('by-admin' === $form->signup_form) : ?>
|
||||
<?php echo wp_kses_post(wu_tooltip(__('Customers created via the admin panel, by super admins.', 'wp-multisite-waas'))); ?>
|
||||
<?php echo wu_tooltip(__('Customers created via the admin panel, by super admins.', 'wp-multisite-waas')); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
<td class="wu-text-right"><?php echo intval($form->count); ?></td> <!-- Ensure count is an integer and properly escaped -->
|
||||
|
||||
@ -12,7 +12,7 @@
|
||||
<h3 class="wu-my-1 wu-text-2xs wu-uppercase"><?php echo esc_html__('Message', 'wp-multisite-waas'); ?></h3>
|
||||
|
||||
<span class="wu-my-1 wu-inline-block">
|
||||
<?php echo wp_kses_post($object->get_message()); ?>
|
||||
<?php echo $object->get_message(); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
</span>
|
||||
|
||||
</li>
|
||||
|
||||
@ -185,7 +185,7 @@ $has_tax_included = false;
|
||||
/**
|
||||
* Displays the company address.
|
||||
*/
|
||||
echo wp_kses(nl2br($company_address), array('br' => array()));
|
||||
echo nl2br(esc_html($company_address), array('br' => array()));
|
||||
|
||||
?>
|
||||
</td>
|
||||
@ -198,7 +198,7 @@ $has_tax_included = false;
|
||||
/**
|
||||
* Displays the clients address.
|
||||
*/
|
||||
echo wp_kses(nl2br(implode(PHP_EOL, (array) $billing_address)), array('br' => array()));
|
||||
echo nl2br(esc_html(implode(PHP_EOL, (array) $billing_address)), array('br' => array()));
|
||||
|
||||
?>
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
|
||||
<?php if (isset($field->append) && ! empty($field->append)) : ?>
|
||||
|
||||
<?php echo wp_kses_post($field->append); ?>
|
||||
<?php echo $field->append; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
|
||||
<?php endif; ?>
|
||||
|
||||
@ -33,7 +33,7 @@
|
||||
|
||||
<p class="description" id="<?php echo esc_attr($field->id); ?>-desc">
|
||||
|
||||
<?php echo $field->desc; ?>
|
||||
<?php echo $field->desc; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
|
||||
</p>
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
<?php echo esc_html($shortcode['title']); ?> <code>[<?php echo esc_html($shortcode['shortcode']); ?>]</code>
|
||||
</h3>
|
||||
<p class="wu-mt-1 wu-mb-0 wu-text-gray-700">
|
||||
<?php echo wp_kses_post($shortcode['description']); ?>
|
||||
<?php echo $shortcode['description']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
@ -61,7 +61,7 @@
|
||||
<?php echo esc_html($param); ?>
|
||||
</td>
|
||||
<td class="wu-px-4 wu-py-2 wu-text-left">
|
||||
<?php echo wp_kses_post($value['desc']); ?>
|
||||
<?php echo $value['desc']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
</td>
|
||||
<td class="wu-px-4 wu-py-2 wu-text-left">
|
||||
<?php echo esc_html($value['options']); ?>
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
</h1>
|
||||
|
||||
<p class="wu-text-lg wu-text-gray-600 wu-my-4">
|
||||
<?php echo wp_kses_post($integration->get_description()); ?>
|
||||
<?php echo $integration->get_description(); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
|
||||
</p>
|
||||
|
||||
<div class="wu-bg-white wu-p-4 wu--mx-6">
|
||||
|
||||
Reference in New Issue
Block a user