WP PLUGIN MTEE(Meta Tag etc Extend) 表示のエスケープ
・echo時データのエスケープ処理追加
+10
-19
@@ -24,7 +24,7 @@ $rss_disabled = $this->get_key_setting('rss_disabled');
|
||||
</nav>
|
||||
<form action="" method="post">
|
||||
<?php wp_nonce_field('check_options'); ?>
|
||||
<input type="hidden" id="mtee_set_nav" name="mtee_set_nav" value="<?php echo $mtee_set_nav; ?>">
|
||||
<input type="hidden" id="mtee_set_nav" name="mtee_set_nav" value="<?php echo esc_html($mtee_set_nav); ?>">
|
||||
<div class="mtee_tab_box">
|
||||
<div class="mtee-form-box">
|
||||
<h2>メタキーワード・ディスクリプション</h2>
|
||||
@@ -38,11 +38,11 @@ $rss_disabled = $this->get_key_setting('rss_disabled');
|
||||
<h3>meta keywords テンプレート設定</h3>
|
||||
<p>個別設定していない投稿やカテゴリー等は、このテンプレートを適用します。</p>
|
||||
<?php
|
||||
$post_meta_keywords_tmp = get_option('_mtee')['keywords_tmp']['post'] ?? '';
|
||||
$page_meta_keywords_tmp = get_option('_mtee')['keywords_tmp']['page'] ?? '';
|
||||
$cat_meta_keywords_tmp = get_option('_mtee')['keywords_tmp']['category'] ?? '';
|
||||
$tag_meta_keywords_tmp = get_option('_mtee')['keywords_tmp']['tag'] ?? '';
|
||||
$tax_meta_keywords_tmp = get_option('_mtee')['keywords_tmp']['tax'] ?? '';
|
||||
$post_meta_keywords_tmp = $this->set_escape_str($opt, 'keywords_tmp', 'post');
|
||||
$page_meta_keywords_tmp = $this->set_escape_str($opt, 'keywords_tmp', 'page');
|
||||
$cat_meta_keywords_tmp = $this->set_escape_str($opt, 'keywords_tmp', 'category');
|
||||
$tag_meta_keywords_tmp = $this->set_escape_str($opt, 'keywords_tmp', 'tag');
|
||||
$tax_meta_keywords_tmp = $this->set_escape_str($opt, 'keywords_tmp', 'tax');
|
||||
?>
|
||||
<dl class="mtee_description_tmp_list">
|
||||
<dt>投稿</dt>
|
||||
@@ -97,10 +97,10 @@ $rss_disabled = $this->get_key_setting('rss_disabled');
|
||||
<h3>meta description テンプレート設定</h3>
|
||||
<p>個別設定していない投稿やカテゴリー等は、このテンプレートを適用します。</p>
|
||||
<?php
|
||||
$page_meta_desc_tmp = get_option('_mtee')['description_tmp']['page'] ?? '';
|
||||
$cat_meta_desc_tmp = get_option('_mtee')['description_tmp']['category'] ?? '';
|
||||
$tag_meta_desc_tmp = get_option('_mtee')['description_tmp']['tag'] ?? '';
|
||||
$tax_meta_desc_tmp = get_option('_mtee')['description_tmp']['tax'] ?? '';
|
||||
$page_meta_desc_tmp = $this->set_escape_str($opt, 'description_tmp', 'page');
|
||||
$cat_meta_desc_tmp = $this->set_escape_str($opt, 'description_tmp', 'category');
|
||||
$tag_meta_desc_tmp = $this->set_escape_str($opt, 'description_tmp', 'tag');
|
||||
$tax_meta_desc_tmp = $this->set_escape_str($opt, 'description_tmp', 'tax');
|
||||
?>
|
||||
<dl class="mtee_description_tmp_list">
|
||||
<dt>ページ/投稿</dt>
|
||||
@@ -184,15 +184,6 @@ $rss_disabled = $this->get_key_setting('rss_disabled');
|
||||
value="1">出力しない
|
||||
</label>
|
||||
</div>
|
||||
<div class="mtee-form-box mtee_box_border">
|
||||
<h3>Canonical URL 出力</h3>
|
||||
<label>
|
||||
<input type="hidden" name="_mtee[canonical_setting]" value="0">
|
||||
<input type="checkbox"
|
||||
name="_mtee[canonical_setting]" <?php checked($canonical_setting, 1); ?>
|
||||
value="1">有効
|
||||
</label>
|
||||
</div>
|
||||
<div class="mtee-form-box mtee_box_border">
|
||||
<h3>WordPressバージョン情報</h3>
|
||||
<label>
|
||||
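Review bot: The new escaping uses `esc_html()` even where the value lands in an attribute, and in the template blocks it is applied at assignment (`$this->set_escape_str(...)`) rather than at the echo. For the hidden input in the first hunk the context-matched form is `value="<?php echo esc_attr($mtee_set_nav); ?>"`; both helpers encode quotes, so this is about auditability and using the matching filter hook rather than an open gap. The same pattern recurs in the `name="_mtee[custom_post][...]"` attributes and the `esc_html(... ?? '')` assignments of the canonical, keywords/description, noindex/nofollow and OGP templates further down this commit. Escaping at the point of output lets a reader confirm each sink without tracing the variable back. The keyword and description blocks also switch from `get_option('_mtee')` to `$opt`, which is assigned outside the visible lines, so confirm it is populated in this template.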
|
||||
@@ -1,6 +1,6 @@
|
||||
<h2 class="mtee_page_title mtee_box_border">トップページ</h2>
|
||||
<?php
|
||||
$canonical_url = $opt['top_page']['canonical'] ?? '';
|
||||
$canonical_url = esc_html($opt['top_page']['canonical'] ?? '');
|
||||
?>
|
||||
<div class="mtee-form-box">
|
||||
<table class="form-table">
|
||||
@@ -18,19 +18,19 @@ $canonical_url = $opt['top_page']['canonical'] ?? '';
|
||||
<h2 class="mtee_page_title">カスタム投稿アーカイブ</h2>
|
||||
<?php foreach ($register_targets['custom_posts'] as $custom_post): ?>
|
||||
<?php
|
||||
$canonical_url = $opt['custom_post'][$custom_post]['canonical'] ?? '';
|
||||
$canonical_url = esc_html($opt['custom_post'][$custom_post]['canonical'] ?? '');
|
||||
?>
|
||||
<?php wp_nonce_field('check_options'); ?>
|
||||
<div class="mtee-form-box">
|
||||
<h3 class="mtee_page_archive_title">
|
||||
<?php echo get_post_type_object($custom_post)->label; ?>
|
||||
(<?php echo $custom_post; ?>)
|
||||
(<?php echo esc_html($custom_post); ?>)
|
||||
</h3>
|
||||
<table class="form-table">
|
||||
<tr valign="top">
|
||||
<th>Canonical URL</th>
|
||||
<td><input class="top_page_description" type="text"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][canonical]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][canonical]"
|
||||
value="<?php echo $canonical_url; ?>"
|
||||
placeholder="<?php echo get_post_type_archive_link($custom_post); ?>">
|
||||
</td>
|
||||
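Review bot: Two echoes in the custom-post-archive loop are still raw after this change: the heading `get_post_type_object($custom_post)->label` and the `placeholder` built from `get_post_type_archive_link($custom_post)`. I would write them as `<?php echo esc_html(get_post_type_object($custom_post)->label); ?>` and `placeholder="<?php echo esc_url(get_post_type_archive_link($custom_post)); ?>"`. The unescaped label heading appears again in the keywords/description, noindex/nofollow and OGP templates later in the commit. The `foreach` body continues past the end of the hunk.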
|
||||
@@ -1,7 +1,7 @@
|
||||
<h2 class="mtee_page_title mtee_box_border">トップページ</h2>
|
||||
<?php
|
||||
$keywords = $opt['top_page']['keywords'] ?? '';
|
||||
$description = $opt['top_page']['description'] ?? '';
|
||||
$keywords = esc_html($opt['top_page']['keywords'] ?? '');
|
||||
$description = esc_html($opt['top_page']['description'] ?? '');
|
||||
?>
|
||||
<div class="mtee-form-box">
|
||||
<table class="form-table">
|
||||
@@ -25,20 +25,20 @@ $description = $opt['top_page']['description'] ?? '';
|
||||
<h2 class="mtee_page_title">カスタム投稿アーカイブ</h2>
|
||||
<?php foreach ($register_targets['custom_posts'] as $custom_post): ?>
|
||||
<?php
|
||||
$keywords = $opt['custom_post'][$custom_post]['keywords'] ?? '';
|
||||
$description = $opt['custom_post'][$custom_post]['description'] ?? '';
|
||||
$keywords = esc_html($opt['custom_post'][$custom_post]['keywords'] ?? '');
|
||||
$description = esc_html($opt['custom_post'][$custom_post]['description'] ?? '');
|
||||
?>
|
||||
<?php wp_nonce_field('check_options'); ?>
|
||||
<div class="mtee-form-box">
|
||||
<h3 class="mtee_page_archive_title">
|
||||
<?php echo get_post_type_object($custom_post)->label; ?>
|
||||
(<?php echo $custom_post; ?>)
|
||||
(<?php echo esc_html($custom_post); ?>)
|
||||
</h3>
|
||||
<table class="form-table">
|
||||
<tr valign="top">
|
||||
<th>meta keywords</th>
|
||||
<td><input class="top_page_keywords" type="text"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][keywords]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][keywords]"
|
||||
value="<?php echo $keywords; ?>" placeholder="キーワード1,キーワード2,キーワード3">
|
||||
<br>キーワードはカンマ(,)区切りで入力してください
|
||||
</td>
|
||||
@@ -46,7 +46,7 @@ $description = $opt['top_page']['description'] ?? '';
|
||||
<tr valign="top">
|
||||
<th>meta description</th>
|
||||
<td><input class="top_page_description" type="text"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][description]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][description]"
|
||||
value="<?php echo $description; ?>"
|
||||
placeholder="<?php echo get_bloginfo('name'); ?>の[カスタム投稿ラベル]<?php echo MTEE_CONFIG::MTEE_META_DESC_ARCHIVE_BASE; ?>">
|
||||
</td>
|
||||
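Review bot: The `placeholder` on the meta description input still echoes `get_bloginfo('name')` unescaped into an attribute, while the `name` and `value` next to it are now escaped. Even if the stored site title is already sanitised on save, escaping at output keeps the template safe regardless of how the option was written; the changed fragment would be `<?php echo esc_attr(get_bloginfo('name')); ?>`. The table row and the surrounding `foreach` continue outside the hunk.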
|
||||
@@ -39,7 +39,7 @@ $nofollow = $opt['top_page']['nofollow'] ?? '0';
|
||||
<div class="mtee-form-box">
|
||||
<h3 class="mtee_page_archive_title">
|
||||
<?php echo get_post_type_object($custom_post)->label; ?>
|
||||
(<?php echo $custom_post; ?>)
|
||||
(<?php echo esc_html($custom_post); ?>)
|
||||
</h3>
|
||||
<table class="form-table">
|
||||
<tr valign="top">
|
||||
@@ -48,19 +48,19 @@ $nofollow = $opt['top_page']['nofollow'] ?? '0';
|
||||
<div class="meta_noindex_nofollow_box">
|
||||
<label>
|
||||
<input type="hidden"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][noindex]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][noindex]"
|
||||
value="0"/>
|
||||
<input type="checkbox"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][noindex]" <?php checked($noindex, 1); ?>
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][noindex]" <?php checked($noindex, 1); ?>
|
||||
value="1"/>
|
||||
noindex
|
||||
</label>
|
||||
<label>
|
||||
<input type="hidden"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][nofollow]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][nofollow]"
|
||||
value="0"/>
|
||||
<input type="checkbox"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][nofollow]" <?php checked($nofollow, 1); ?>
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][nofollow]" <?php checked($nofollow, 1); ?>
|
||||
value="1"/>
|
||||
nofollow
|
||||
</label>
|
||||
|
||||
+10
-10
@@ -1,8 +1,8 @@
|
||||
<h2 class="mtee_page_title mtee_box_border">トップページ</h2>
|
||||
<?php
|
||||
$ogp_title = $opt['top_page']['ogp_title'] ?? '';
|
||||
$ogp_description = $opt['top_page']['ogp_description'] ?? '';
|
||||
$ogp_img = $opt['top_page']['ogp_img'] ?? '';
|
||||
$ogp_title = esc_html($opt['top_page']['ogp_title'] ?? '');
|
||||
$ogp_description = esc_html($opt['top_page']['ogp_description'] ?? '');
|
||||
$ogp_img = esc_html($opt['top_page']['ogp_img'] ?? '');
|
||||
?>
|
||||
<div class="mtee-form-box">
|
||||
<table class="form-table">
|
||||
@@ -34,28 +34,28 @@ $ogp_img = $opt['top_page']['ogp_img'] ?? '';
|
||||
<h2 class="mtee_page_title">カスタム投稿アーカイブ</h2>
|
||||
<?php foreach ($register_targets['custom_posts'] as $custom_post): ?>
|
||||
<?php
|
||||
$ogp_title = $opt['custom_post'][$custom_post]['ogp_title'] ?? '';
|
||||
$ogp_description = $opt['custom_post'][$custom_post]['ogp_description'] ?? '';
|
||||
$ogp_img = $opt['custom_post'][$custom_post]['ogp_img'] ?? '';
|
||||
$ogp_title = esc_html($opt['custom_post'][$custom_post]['ogp_title'] ?? '');
|
||||
$ogp_description = esc_html($opt['custom_post'][$custom_post]['ogp_description'] ?? '');
|
||||
$ogp_img = esc_html($opt['custom_post'][$custom_post]['ogp_img'] ?? '');
|
||||
?>
|
||||
<?php wp_nonce_field('check_options'); ?>
|
||||
<div class="mtee-form-box">
|
||||
<h3 class="mtee_page_archive_title">
|
||||
<?php echo get_post_type_object($custom_post)->label; ?>
|
||||
(<?php echo $custom_post; ?>)
|
||||
(<?php echo esc_html($custom_post); ?>)
|
||||
</h3>
|
||||
<table class="form-table">
|
||||
<tr valign="top">
|
||||
<th>OGP title</th>
|
||||
<td><input class="top_page_keywords" type="text"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][ogp_title]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][ogp_title]"
|
||||
value="<?php echo $ogp_title; ?>">
|
||||
</td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<th>OGP description</th>
|
||||
<td><input class="top_page_description" type="text"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][ogp_description]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][ogp_description]"
|
||||
value="<?php echo $ogp_description; ?>">
|
||||
</td>
|
||||
</tr>
|
||||
@@ -63,7 +63,7 @@ $ogp_img = $opt['top_page']['ogp_img'] ?? '';
|
||||
<th>OGP Image</th>
|
||||
<td>
|
||||
<input class="<?php echo MTEE_CONFIG::MTEE_OGP_IMG; ?>"
|
||||
name="_mtee[custom_post][<?php echo $custom_post; ?>][ogp_img]"
|
||||
name="_mtee[custom_post][<?php echo esc_html($custom_post); ?>][ogp_img]"
|
||||
type="hidden"
|
||||
value="<?php echo $ogp_img; ?>"/>
|
||||
<input type="button" class="select_ogp_img" name="select_ogp_img" value="選択"/>
|
||||
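Review bot: `$ogp_img` is passed through `esc_html()` like the text fields, but the visible lines do not show whether it holds an attachment ID or an image URL. If it is a URL, HTML-escaping does not constrain the scheme; validating it on save with `esc_url_raw()` and printing it with `esc_url()` wherever it is emitted as a tag would be the usual pairing, while the hidden input's `value` only needs `esc_attr($ogp_img)`. A one-line comment above the assignment stating which form is stored would make the right escaping obvious to the next reader.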
|
||||
@@ -33,6 +33,10 @@ if (!trait_exists('mtee_utils')) {
|
||||
}
|
||||
}
|
||||
|
||||
public function set_escape_str($base, $param, $type) {
|
||||
return esc_html($base[$param][$type] ?? '');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
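Review bot: `set_escape_str()` has no docblock and its name reads like a setter, although it only reads `$base[$param][$type]` and returns it through `esc_html()`. I would add `/** Returns $base[$param][$type] escaped with esc_html(), or '' when the key is missing. */` and, if the name can still change, something like `get_escaped_option`. A non-string leaf (for example an array saved under that key) would reach `esc_html()` as-is, so an `is_string()` guard before escaping is worth considering. The enclosing trait starts outside the hunk.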