- added escape functions, security fix for XSS;

This commit is contained in:
nikitasinelnikov
2019-08-08 00:36:33 +03:00
parent b2e57e8f92
commit 5f66fd5fe3
95 changed files with 2228 additions and 2026 deletions
+21 -14
View File
@@ -1,27 +1,34 @@
<?php if ( empty( UM()->builder()->form_id ) ) {
<?php if ( ! defined( 'ABSPATH' ) ) exit;
if ( empty( UM()->builder()->form_id ) ) {
UM()->builder()->form_id = $this->form_id;
} ?>
<div class="um-admin-builder" data-form_id="<?php echo UM()->builder()->form_id; ?>">
<div class="um-admin-builder" data-form_id="<?php echo esc_attr( UM()->builder()->form_id ); ?>">
<div class="um-admin-drag-ctrls-demo um-admin-drag-ctrls">
<a href="#" class="active" data-modal="UM_preview_form" data-modal-size="smaller" data-dynamic-content="um_admin_preview_form" data-arg1="<?php the_ID(); ?>" data-arg2=""><?php _e('Live Preview','ultimate-member'); ?></a>
<a href="javascript:void(0);" class="active" data-modal="UM_preview_form" data-modal-size="smaller" data-dynamic-content="um_admin_preview_form"
data-arg1="<?php esc_attr( the_ID() ); ?>" data-arg2=""><?php _e('Live Preview','ultimate-member'); ?></a>
</div>
<div class="um-admin-clear"></div>
<div class="um-admin-drag">
<div class="um-admin-drag-ajax" data-form_id="<?php echo UM()->builder()->form_id; ?>">
<div class="um-admin-drag-ajax" data-form_id="<?php echo esc_attr( UM()->builder()->form_id ); ?>">
<?php UM()->builder()->show_builder(); ?>
</div>
<div class="um-admin-drag-addrow um-admin-tipsy-n" title="<?php _e('Add Master Row','ultimate-member'); ?>" data-row_action="add_row"><i class="um-icon-plus"></i></div>
<div class="um-admin-drag-addrow um-admin-tipsy-n" title="<?php esc_attr_e( 'Add Master Row', 'ultimate-member' ); ?>"
data-row_action="add_row">
<i class="um-icon-plus"></i>
</div>
</div>
</div>