- fixed member directory scripts enqueue;

- added integration with User Location extension;
- sanitize $_GET variables in wp-admin side;
This commit is contained in:
nikitasinelnikov
2020-02-12 12:36:47 +02:00
parent 7ab7a06b75
commit 2d36eaea36
15 changed files with 65 additions and 48 deletions
+1 -1
View File
@@ -191,7 +191,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Menu' ) ) {
function um_roles_pages() {
if ( empty( $_GET['tab'] ) ) {
include_once um_path . 'includes/admin/core/list-tables/roles-list-table.php';
} elseif ( $_GET['tab'] == 'add' || $_GET['tab'] == 'edit' ) {
} elseif ( sanitize_key( $_GET['tab'] ) == 'add' || sanitize_key( $_GET['tab'] ) == 'edit' ) {
include_once um_path . 'includes/admin/templates/role/role-edit.php';
} else {
um_js_redirect( add_query_arg( array( 'page' => 'um_roles' ), get_admin_url( 'admin.php' ) ) );