- added escape functions, security fix for XSS;

This commit is contained in:
nikitasinelnikov
2019-08-08 00:36:33 +03:00
parent b2e57e8f92
commit 5f66fd5fe3
95 changed files with 2228 additions and 2026 deletions
+11 -4
View File
@@ -10,10 +10,11 @@ if ( UM()->shortcodes()->loop ) {
<!--Ajax output-->
<?php if ( count( UM()->shortcodes()->loop) >= 10 ) { ?>
<?php if ( count( UM()->shortcodes()->loop ) >= 10 ) { ?>
<div class="um-load-items">
<a href="#" class="um-ajax-paginate um-button" data-hook="um_load_comments" data-args="comment,10,10,<?php echo esc_attr( um_user('ID') ); ?>">
<a href="javascript:void(0);" class="um-ajax-paginate um-button" data-hook="um_load_comments"
data-args="comment,10,10,<?php echo esc_attr( um_user( 'ID' ) ); ?>">
<?php _e( 'load more comments', 'ultimate-member' ); ?>
</a>
</div>
@@ -25,7 +26,13 @@ if ( UM()->shortcodes()->loop ) {
<?php } else { ?>
<div class="um-profile-note">
<span><?php echo ( um_profile_id() == get_current_user_id() ) ? __( 'You have not made any comments.', 'ultimate-member' ) : __( 'This user has not made any comments.', 'ultimate-member' ); ?></span>
<span>
<?php if ( um_profile_id() == get_current_user_id() ) {
_e( 'You have not made any comments.', 'ultimate-member' );
} else {
_e( 'This user has not made any comments.', 'ultimate-member' );
} ?>
</span>
</div>
<?php } ?>
<?php }