Fixing sanitizing, escaping and prefix´s issues
This commit is contained in:
Holger Könemann
parent
44c38d710a
commit
a97c485ea3
|
|
@ -15,7 +15,8 @@ That’s what UnderStrap is.
|
|||
You can use it as starter theme and build your own theme on top of it. Or you use it as parent theme and create your own child theme for UnderStrap.
|
||||
|
||||
## License
|
||||
UnderStrap is released under the terms of the GPL version 2 or (at your option) any later version.
|
||||
UnderStrap WordPress Theme, Copyright 2013-2017 Holger Koenemann
|
||||
UnderStrap is distributed under the terms of the GNU GPL version 2
|
||||
|
||||
http://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html
|
||||
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ $sidebar_pos = get_theme_mod( 'understrap_sidebar_position' );
|
|||
<?php while ( have_posts() ) : the_post(); ?>
|
||||
<li>
|
||||
<a rel="bookmark" href="<?php the_permalink() ?>"
|
||||
title="Permanent Link: <?php the_title(); ?>">
|
||||
title="<?php esc_html_e( 'Permanent Link:', 'understrap' ); ?> <?php the_title(); ?>">
|
||||
<?php the_title(); ?></a>,
|
||||
<?php understrap_posted_on(); ?> <?php esc_html_e( 'in',
|
||||
'understrap' ); ?> <?php the_category( '&' ); ?>
|
||||
|
|
|
|||
|
|
@ -40,10 +40,24 @@ if ( ! function_exists( 'understrap_theme_customize_register' ) ) {
|
|||
'priority' => 160,
|
||||
) );
|
||||
|
||||
//select sanitization function
|
||||
function understrap_theme_slug_sanitize_select( $input, $setting ){
|
||||
|
||||
//input must be a slug: lowercase alphanumeric characters, dashes and underscores are allowed only
|
||||
$input = sanitize_key($input);
|
||||
|
||||
//get the list of possible select options
|
||||
$choices = $setting->manager->get_control( $setting->id )->choices;
|
||||
|
||||
//return input if valid or return default option
|
||||
return ( array_key_exists( $input, $choices ) ? $input : $setting->default );
|
||||
|
||||
}
|
||||
|
||||
$wp_customize->add_setting( 'understrap_container_type', array(
|
||||
'default' => 'container',
|
||||
'type' => 'theme_mod',
|
||||
'sanitize_callback' => 'esc_textarea',
|
||||
'sanitize_callback' => 'understrap_theme_slug_sanitize_select',
|
||||
'capability' => 'edit_theme_options',
|
||||
) );
|
||||
|
||||
|
|
@ -67,7 +81,7 @@ if ( ! function_exists( 'understrap_theme_customize_register' ) ) {
|
|||
$wp_customize->add_setting( 'understrap_sidebar_position', array(
|
||||
'default' => 'right',
|
||||
'type' => 'theme_mod',
|
||||
'sanitize_callback' => 'esc_textarea',
|
||||
'sanitize_callback' => 'sanitize_text_field',
|
||||
'capability' => 'edit_theme_options',
|
||||
) );
|
||||
|
||||
|
|
@ -81,6 +95,7 @@ if ( ! function_exists( 'understrap_theme_customize_register' ) ) {
|
|||
'section' => 'understrap_theme_layout_options',
|
||||
'settings' => 'understrap_sidebar_position',
|
||||
'type' => 'select',
|
||||
'sanitize_callback' => 'understrap_theme_slug_sanitize_select',
|
||||
'choices' => array(
|
||||
'right' => __( 'Right sidebar', 'understrap' ),
|
||||
'left' => __( 'Left sidebar', 'understrap' ),
|
||||
|
|
|
|||
|
|
@ -13,8 +13,6 @@ if ( ! function_exists( 'understrap_scripts' ) ) {
|
|||
// Get the theme data.
|
||||
$the_theme = wp_get_theme();
|
||||
wp_enqueue_style( 'understrap-styles', get_stylesheet_directory_uri() . '/css/theme.min.css', array(), $the_theme->get( 'Version' ), false );
|
||||
//wp_register_script('jquery-slim', (get_template_directory_uri() . '/js/jquery.slim.min.js'), true, '3.2.1');
|
||||
//wp_enqueue_script( 'jquery-slim' );
|
||||
wp_enqueue_script( 'popper-scripts', get_template_directory_uri() . '/js/popper.min.js', array(), true);
|
||||
wp_enqueue_script( 'understrap-scripts', get_template_directory_uri() . '/js/theme.min.js', array(), $the_theme->get( 'Version' ), true );
|
||||
if ( is_singular() && comments_open() && get_option( 'thread_comments' ) ) {
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@
|
|||
*
|
||||
* @package understrap
|
||||
*/
|
||||
add_action( 'after_setup_theme', 'woocommerce_support' );
|
||||
if ( ! function_exists( 'woocommerce_support' ) ) {
|
||||
add_action( 'after_setup_theme', 'understrap_woocommerce_support' );
|
||||
if ( ! function_exists( 'understrap_woocommerce_support' ) ) {
|
||||
/**
|
||||
* Declares WooCommerce theme support.
|
||||
*/
|
||||
function woocommerce_support() {
|
||||
function understrap_woocommerce_support() {
|
||||
add_theme_support( 'woocommerce' );
|
||||
|
||||
// Add New Woocommerce 3.0.0 Product Gallery support
|
||||
|
|
|
|||
|
|
@ -16,7 +16,8 @@ Website: [http://understrap.com](http://understrap.com)
|
|||
Child Theme Project: [https://github.com/holger1411/understrap-child](https://github.com/holger1411/understrap-child)
|
||||
|
||||
## License
|
||||
UnderStrap is released under the terms of the GPL version 2 or (at your option) any later version.
|
||||
UnderStrap WordPress Theme, Copyright 2013-2017 Holger Koenemann
|
||||
UnderStrap is distributed under the terms of the GNU GPL version 2
|
||||
|
||||
http://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
|
||||
<span class="carousel-control-prev-icon" aria-hidden="true"></span>
|
||||
|
||||
<span class="sr-only">Previous</span>
|
||||
<span class="sr-only"><?php esc_html_e( 'Previous', 'understrap' ); ?></span>
|
||||
|
||||
</a>
|
||||
|
||||
|
|
@ -31,7 +31,7 @@
|
|||
|
||||
<span class="carousel-control-next-icon" aria-hidden="true"></span>
|
||||
|
||||
<span class="sr-only">Next</span>
|
||||
<span class="sr-only"><?php esc_html_e( 'Next', 'understrap' ); ?></span></span>
|
||||
|
||||
</a>
|
||||
|
||||
|
|
|
|||
Reference in New Issue