- added escape functions, security fix for XSS;

This commit is contained in:
nikitasinelnikov
2019-08-08 00:36:33 +03:00
parent b2e57e8f92
commit 5f66fd5fe3
95 changed files with 2228 additions and 2026 deletions
@@ -1,20 +1,23 @@
<?php if ( ! defined( 'ABSPATH' ) ) exit; ?>
<div id="UM_edit_field" style="display:none">
<form action="" method="post" class="um_add_field">
<div class="um-admin-modal-head">
<h3><?php _e('Edit Field','ultimate-member'); ?></h3>
<h3><?php _e( 'Edit Field', 'ultimate-member' ); ?></h3>
</div>
<div class="um-admin-modal-body um-admin-metabox"></div>
<div class="um-admin-modal-foot">
<input type="submit" value="<?php _e('Update','ultimate-member'); ?>" class="button-primary" />
<input type="submit" value="<?php esc_attr_e( 'Update', 'ultimate-member' ); ?>" class="button-primary" />
<input type="hidden" name="action" value="um_update_field" />
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce( 'um-admin-nonce' ) ?>" />
<a href="#" data-action="UM_remove_modal" class="button"><?php _e('Cancel','ultimate-member'); ?></a>
<input type="hidden" name="nonce" value="<?php echo esc_attr( wp_create_nonce( 'um-admin-nonce' ) ) ?>" />
<a href="javascript:void(0);" data-action="UM_remove_modal" class="button"><?php _e( 'Cancel', 'ultimate-member' ); ?></a>
</div>
</form>
</div>