From e502ea6dce9eb6f0428432f99d6d20481bdab7cb Mon Sep 17 00:00:00 2001 From: nobu Date: Thu, 17 Jun 2021 16:05:25 +0900 Subject: [PATCH] =?UTF-8?q?WP=20PLUGIN=20MTEE(Meta=20Tag=20etc=20Extend)?= =?UTF-8?q?=20=E7=99=BB=E9=8C=B2=E3=83=87=E3=83=BC=E3=82=BF=E3=81=AE?= =?UTF-8?q?=E3=82=B5=E3=83=8B=E3=82=BF=E3=82=A4=E3=82=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ・update_post_meta、update_term_metaのデータをサニタイズ --- class/mtee.php | 4 ++- class/mtee_canonical_setting.php | 16 +++++------ class/mtee_noindexnofolow_setting.php | 14 +++++----- class/mtee_ogp_post_setting.php | 21 +++++---------- class/mtee_ogp_tax_setting.php | 17 ++++-------- class/mtee_post_setting.php | 14 +++------- class/mtee_tax_setting.php | 10 +++---- css/mtee.css | 9 +++++++ meta-tag-etc-extend.php | 1 + template/index.php | 4 +-- trait/mtee_utils.php | 38 +++++++++++++++++++++++++++ 11 files changed, 84 insertions(+), 64 deletions(-) create mode 100644 trait/mtee_utils.php diff --git a/class/mtee.php b/class/mtee.php index 0042231..8f6bd46 100644 --- a/class/mtee.php +++ b/class/mtee.php @@ -13,6 +13,8 @@ if (!class_exists('MTEE')) { */ class MTEE { + use mtee_utils; + public function __construct() { add_action('admin_menu', array($this, 'add_pages')); } @@ -32,7 +34,7 @@ if (!class_exists('MTEE')) { //$_POST['_mtee'])があったら保存 if (isset($_POST['_mtee'])) { check_admin_referer('check_options'); - $opt = $_POST['_mtee']; + $opt = $this->get_post_sanitize_data('_mtee', 'array'); update_option('_mtee', $opt); require_once MTEE_CONFIG::MTEE_TEMPLATE_DIR . 'success.php'; } diff --git a/class/mtee_canonical_setting.php b/class/mtee_canonical_setting.php index 4175f5c..f4d42bf 100644 --- a/class/mtee_canonical_setting.php +++ b/class/mtee_canonical_setting.php @@ -11,6 +11,8 @@ if (!class_exists('mtee_canonical_setting')) { */ class mtee_canonical_setting { + use mtee_utils; + private $options; public function __construct($options) { 
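Review bot: In class/mtee.php the sanitized `_mtee` array is still passed whole to `update_option('_mtee', $opt)`, so every key a request supplies is persisted, not only the settings the form renders. Sanitizing values does not constrain the key set; filtering first, for example `$opt = array_intersect_key($opt, array_flip($allowed_keys));` with `$allowed_keys` (a constructed name) listing the option keys the template uses, would close that. The body of `get_post_sanitize_data()` is not readable on this page, so whether it recurses into nested arrays and applies `wp_unslash()` should be confirmed there. The enclosing method starts and ends outside this hunk, so a `current_user_can()` check may already exist above; if it does not, it belongs beside `check_admin_referer('check_options')`.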
@@ -53,9 +55,9 @@ if (!class_exists('mtee_canonical_setting')) { public function insert_meta_fields() { global $post; echo '
- +
-
@@ -64,11 +66,7 @@ placeholder="' . $this->set_default_post_canonical_url($post->ID) . '" /> // カスタムフィールドの値を保存 public function save_meta_fields($post_id) { - if (!empty($_POST[MTEE_CONFIG::MTEE_CANONICAL_URL])) { //meta_keywordsが入力されている場合 - update_post_meta($post_id, MTEE_CONFIG::MTEE_CANONICAL_URL, $_POST[MTEE_CONFIG::MTEE_CANONICAL_URL]); //値を保存 - } else { //未入力の場合は値を削除 - delete_post_meta($post_id, MTEE_CONFIG::MTEE_CANONICAL_URL); - } + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_CANONICAL_URL); } public function set_default_post_canonical_url($id) { @@ -143,9 +141,7 @@ placeholder="' . $this->set_default_post_canonical_url($post->ID) . '" /> } public function save_terms($term_id) { - if (array_key_exists(MTEE_CONFIG::MTEE_CANONICAL_URL, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_CANONICAL_URL, $_POST[MTEE_CONFIG::MTEE_CANONICAL_URL]); - } + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_CANONICAL_URL); } } diff --git a/class/mtee_noindexnofolow_setting.php b/class/mtee_noindexnofolow_setting.php index d0d696c..09f10e6 100644 --- a/class/mtee_noindexnofolow_setting.php +++ b/class/mtee_noindexnofolow_setting.php @@ -11,6 +11,8 @@ if (!class_exists('mtee_noindexnofolow_setting')) { */ class mtee_noindexnofolow_setting { + use mtee_utils; + public function __construct($options) { //posts add_action('admin_menu', array($this, 'add_meta_fields')); @@ -67,8 +69,8 @@ if (!class_exists('mtee_noindexnofolow_setting')) { // カスタムフィールドの値を保存 public function save_meta_fields($post_id) { - update_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_NOINDEX, $_POST[MTEE_CONFIG::MTEE_NAME_NOINDEX] ?? ''); - update_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_NOFOLLOW, $_POST[MTEE_CONFIG::MTEE_NAME_NOFOLLOW] ?? ''); + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_NOINDEX); + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_NOFOLLOW); } //------------------------------------------------------------------------------------------- 
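Review bot: `save_meta_fields($post_id)` in class/mtee_canonical_setting.php is now a single `save_post_meta()` call, with no nonce, capability or autosave guard in the function itself. If it is hooked to `save_post` (the registration is outside the hunk), it also runs for autosaves, quick edit and programmatic saves where the field is not in `$_POST`, and the trait's `save_post_meta()` then presumably falls through to its `delete_post_meta()` branch. Guards such as `if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) { return; }` and `if (!current_user_can('edit_post', $post_id)) { return; }`, plus a plugin nonce checked with `wp_verify_nonce()`, would make the write deliberate. The same applies to `save_meta_fields()` in mtee_noindexnofolow_setting.php, mtee_ogp_post_setting.php and mtee_post_setting.php; putting the checks once in `save_post_meta()` would cover all four.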
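Review bot: The canonical URL is saved through `save_term_meta($term_id, MTEE_CONFIG::MTEE_CANONICAL_URL)`, and through `save_post_meta()` in the hunk above, with no type argument, so it gets the helper's default sanitizer rather than URL validation. The helper body is not readable on this page; if the default is a plain-text sanitizer, a value with a non-http scheme would still be stored and later emitted in the canonical link. The call in class/mtee.php already passes a type (`'array'`), so a URL type that applies `esc_url_raw()` would fit this field and `MTEE_CONFIG::MTEE_OGP_IMG` in the two OGP files, with `esc_url()` where the value is printed.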
@@ -141,12 +143,8 @@ nofollow } public function save_terms($term_id) { - if (array_key_exists(MTEE_CONFIG::MTEE_NAME_NOINDEX, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_NOINDEX, $_POST[MTEE_CONFIG::MTEE_NAME_NOINDEX]); - } - if (array_key_exists(MTEE_CONFIG::MTEE_NAME_NOFOLLOW, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_NOFOLLOW, $_POST[MTEE_CONFIG::MTEE_NAME_NOFOLLOW]); - } + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_NOINDEX); + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_NOFOLLOW); } } diff --git a/class/mtee_ogp_post_setting.php b/class/mtee_ogp_post_setting.php index 1bd22f5..0d54c44 100644 --- a/class/mtee_ogp_post_setting.php +++ b/class/mtee_ogp_post_setting.php @@ -10,6 +10,8 @@ if (!class_exists('mtee_ogp_post_setting')) { */ class mtee_ogp_post_setting { + use mtee_utils; + private $options; public function __construct($options) { @@ -93,21 +95,10 @@ var ogp_img_name = ' . "'" . MTEE_CONFIG::MTEE_OGP_IMG . "'" . ' // カスタムフィールドの値を保存 public function save_meta_fields($post_id) { - if (!empty($_POST[MTEE_CONFIG::MTEE_OGP_TITLE])) { //meta_keywordsが入力されている場合 - update_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_TITLE, $_POST[MTEE_CONFIG::MTEE_OGP_TITLE]); //値を保存 - } else { //未入力の場合は値を削除 - delete_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_TITLE); - } - if (!empty($_POST[MTEE_CONFIG::MTEE_OGP_DESC])) { - update_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_DESC, $_POST[MTEE_CONFIG::MTEE_OGP_DESC]); - } else { - delete_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_DESC); - } - if (!empty($_POST[MTEE_CONFIG::MTEE_OGP_IMG])) { - update_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_IMG, $_POST[MTEE_CONFIG::MTEE_OGP_IMG]); - } else { - delete_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_IMG); - } + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_TITLE); + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_DESC); + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_OGP_IMG); + } } 
diff --git a/class/mtee_ogp_tax_setting.php b/class/mtee_ogp_tax_setting.php index e8ea9de..0fa1916 100644 --- a/class/mtee_ogp_tax_setting.php +++ b/class/mtee_ogp_tax_setting.php @@ -10,6 +10,8 @@ if (!class_exists('mtee_ogp_tax_setting')) { */ class mtee_ogp_tax_setting { + use mtee_utils; + private $options; public function __construct($options) { @@ -139,18 +141,9 @@ var ogp_img_name = ' . "'" . MTEE_CONFIG::MTEE_OGP_IMG . "'" . ' } function save_terms($term_id) { - if (array_key_exists(MTEE_CONFIG::MTEE_OGP_TITLE, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_OGP_TITLE, $_POST[MTEE_CONFIG::MTEE_OGP_TITLE]); - } - if (array_key_exists(MTEE_CONFIG::MTEE_OGP_DESC, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_OGP_DESC, $_POST[MTEE_CONFIG::MTEE_OGP_DESC]); - } - if (!empty($_POST[MTEE_CONFIG::MTEE_OGP_IMG])) { - update_post_meta($term_id, MTEE_CONFIG::MTEE_OGP_IMG, $_POST[MTEE_CONFIG::MTEE_OGP_IMG]); - } else { - delete_post_meta($term_id, MTEE_CONFIG::MTEE_OGP_IMG); - } - + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_OGP_TITLE); + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_OGP_DESC); + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_OGP_IMG); } } diff --git a/class/mtee_post_setting.php b/class/mtee_post_setting.php index 1e4c3a0..68d7739 100644 --- a/class/mtee_post_setting.php +++ b/class/mtee_post_setting.php @@ -10,6 +10,8 @@ if (!class_exists('mtee_post_setting')) { */ class mtee_post_setting { + use mtee_utils; + private $options; public function __construct($options) { 
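Review bot: Moving `MTEE_OGP_IMG` to `save_term_meta()` in class/mtee_ogp_tax_setting.php leaves behind what the old `update_post_meta($term_id, …)` branch wrote: image values stored in post meta under the term's numeric ID. The new code path does not touch those rows, and a post that happens to share the ID may still carry an image that was set from a term screen. A one-off upgrade step that copies or removes them is worth considering. Whether the display code already reads this key with `get_term_meta()` is not visible on this page.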
@@ -60,16 +62,8 @@ placeholder="' . $this->set_default_description() . '"/> // カスタムフィールドの値を保存 public function save_meta_fields($post_id) { - if (!empty($_POST[MTEE_CONFIG::MTEE_NAME_KEYWORDS])) { //meta_keywordsが入力されている場合 - update_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_KEYWORDS, $_POST[MTEE_CONFIG::MTEE_NAME_KEYWORDS]); //値を保存 - } else { //未入力の場合は値を削除 - delete_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_KEYWORDS); - } - if (!empty($_POST[MTEE_CONFIG::MTEE_NAME_DESCRIPTION])) { - update_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_DESCRIPTION, $_POST[MTEE_CONFIG::MTEE_NAME_DESCRIPTION]); - } else { - delete_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_DESCRIPTION); - } + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_KEYWORDS); + $this->save_post_meta($post_id, MTEE_CONFIG::MTEE_NAME_DESCRIPTION); } public function set_default_keywords() { diff --git a/class/mtee_tax_setting.php b/class/mtee_tax_setting.php index 274a778..5671ebd 100644 --- a/class/mtee_tax_setting.php +++ b/class/mtee_tax_setting.php @@ -10,6 +10,8 @@ if (!class_exists('mtee_tax_setting')) { */ class mtee_tax_setting { + use mtee_utils; + private $options; public function __construct($options) { @@ -127,12 +129,8 @@ class="tax-meta-field" /> } function save_terms($term_id) { - if (array_key_exists(MTEE_CONFIG::MTEE_NAME_KEYWORDS, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_KEYWORDS, $_POST[MTEE_CONFIG::MTEE_NAME_KEYWORDS]); - } - if (array_key_exists(MTEE_CONFIG::MTEE_NAME_DESCRIPTION, $_POST)) { - update_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_DESCRIPTION, $_POST[MTEE_CONFIG::MTEE_NAME_DESCRIPTION]); - } + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_KEYWORDS); + $this->save_term_meta($term_id, MTEE_CONFIG::MTEE_NAME_DESCRIPTION); } } diff --git a/css/mtee.css b/css/mtee.css index 6f012f6..7777409 100644 --- a/css/mtee.css +++ b/css/mtee.css 
@@ -125,6 +125,15 @@ label.mtee-label { margin-top: 1em; } +.width_100{ + width: 100%; +} + +.block_bold { + font-weight: bold; + display: block +} + @media screen and (max-width: 768px) { .mtee_description_tmp_list { display: block; diff --git a/meta-tag-etc-extend.php b/meta-tag-etc-extend.php index 265ef8a..2fa8331 100644 --- a/meta-tag-etc-extend.php +++ b/meta-tag-etc-extend.php @@ -18,6 +18,7 @@ Twitter */ include_once __DIR__ . '/mtee_config.php'; +include_once MTEE_CONFIG::MTEE_TRAIT_DIR . 'mtee_utils.php'; include_once MTEE_CONFIG::MTEE_CLASS_DIR . 'mtee.php'; //admin css/js setting diff --git a/template/index.php b/template/index.php index b14ab90..f404dc4 100644 --- a/template/index.php +++ b/template/index.php @@ -199,7 +199,7 @@ $rss_disabled = $this->get_key_setting('rss_disabled'); - value="1">削除 + value="1">表示しない
@@ -208,7 +208,7 @@ $rss_disabled = $this->get_key_setting('rss_disabled'); - value="1">削除 + value="1">表示しない
diff --git a/trait/mtee_utils.php b/trait/mtee_utils.php new file mode 100644 index 0000000..1b2b0f8 --- /dev/null +++ b/trait/mtee_utils.php @@ -0,0 +1,38 @@ +get_post_sanitize_data($var_name)); //値を保存 + } else { //未入力の場合は値を削除 + delete_post_meta($post_id, $var_name); + } + } + + public function save_term_meta($term_id, $var_name) { + if (array_key_exists($var_name, $_POST)) { + update_term_meta($term_id, $var_name, $this->get_post_sanitize_data($var_name)); + } else { //未入力の場合は値を削除 + delete_term_meta($term_id, $var_name); + } + } + + } + +} \ No newline at end of file
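Review bot: `save_term_meta()` in trait/mtee_utils.php adds an else branch that calls `delete_term_meta()` whenever the key is missing from `$_POST`, whereas the replaced `save_terms()` code left the stored value alone in that case for every key except the OGP image. If the term hook also fires for updates that do not come from the full edit form (quick edit, programmatic updates), the keywords, description, canonical, robots and OGP values would be cleared. Dropping the else branch, or deleting only when the key is present and the sanitized value is `''`, keeps the earlier behaviour. The first part of this hunk, including `get_post_sanitize_data()` and the condition in `save_post_meta()`, is not readable on this page and was not reviewed.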