Merge pull request #7 from jasonyingling/bugfix/santiziation

adding additional data sanitization

easy-footnotes-admin.php

@@ -13,28 +13,13 @@
 
 	if ( 'Y' === $_POST['easy_footnote_hidden'] ) :
 		// Form data sent.
-		$easyFootnoteLabel = ( isset( $_POST['easy_footnotes_label'] ) ) ? sanitize_text_field( wp_unslash( $_POST['easy_footnotes_label'] ) ) : '';
-
-		if ( isset( $_POST['easy_footnote_check'] ) ) {
-			$easyFootnoteCheck = true;
-		} else {
-			$easyFootnoteCheck = false;
-		}
-
-		if ( isset( $_POST['hide_easy_footnote_after_posts'] ) ) {
-			$hide_easy_footnote_after_posts = true;
-		} else {
-			$hide_easy_footnote_after_posts = false;
-		}
-
-		if ( isset( $_POST['show_easy_footnote_on_front'] ) ) {
-			$show_easy_footnote_on_front = true;
-		} else {
-			$show_easy_footnote_on_front = false;
-		}
+		$easyFootnoteLabel              = ( isset( $_POST['easy_footnotes_label'] ) ) ? sanitize_text_field( wp_unslash( $_POST['easy_footnotes_label'] ) ) : '';
+		$easyFootnoteCheck              = isset( $_POST['easy_footnote_check'] ) ? true : false;
+		$hide_easy_footnote_after_posts = isset( $_POST['hide_easy_footnote_after_posts'] ) ? true : false;
+		$show_easy_footnote_on_front    = isset( $_POST['show_easy_footnote_on_front'] ) ? true : false;
 
 		$updateOptions = array(
-			'footnoteLabel'                  => $easyFootnoteLabel,
+			'footnoteLabel'                  => sanitize_text_field( $easyFootnoteLabel ),
 			'useLabel'                       => $easyFootnoteCheck,
 			'hide_easy_footnote_after_posts' => $hide_easy_footnote_after_posts,
 			'show_easy_footnote_on_front'    => $show_easy_footnote_on_front,
@@ -49,7 +34,7 @@
 	endif;
 } else {
 	// Normal page display.
-	$easyFootnoteLabel              = isset( $footnoteOptions['footnoteLabel'] ) ? $footnoteOptions['footnoteLabel'] : __( 'Footnotes', 'easy-footnotes' );
+	$easyFootnoteLabel              = isset( $footnoteOptions['footnoteLabel'] ) ? esc_html( $footnoteOptions['footnoteLabel'] ) : __( 'Footnotes', 'easy-footnotes' );
 	$easyFootnoteCheck              = isset( $footnoteOptions['useLabel'] ) ? $footnoteOptions['useLabel'] : false;
 	$hide_easy_footnote_after_posts = isset( $footnoteOptions['hide_easy_footnote_after_posts'] ) ? $footnoteOptions['hide_easy_footnote_after_posts'] : false;
 	$show_easy_footnote_on_front    = isset( $footnoteOptions['show_easy_footnote_on_front'] ) ? $footnoteOptions['show_easy_footnote_on_front'] : false;

easy-footnotes.php

@@ -3,7 +3,7 @@
  * Plugin Name: Easy Footnotes
  * Plugin URI: https://jasonyingling.me/easy-footnotes-wordpress/
  * Description: Easily add footnotes to your posts with a simple shortcode.
- * Version: 1.1.4
+ * Version: 1.1.5
  * Author: Jason Yingling
  * Author URI: https://jasonyingling.me
  * License: GPL2

readme.txt

@@ -3,8 +3,8 @@ Contributors: yingling017, twinpictures
 Donate link: http://jasonyingling.me
 Tags: footnotes, read, blogging, hover, tooltips, editing, endnotes, Formatting, writing, bibliography, notes, reference
 Requires at least: 3.0.1
-Tested up to: 5.0
-Stable tag: 1.1.4
+Tested up to: 5.5
+Stable tag: 1.1.5
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -70,6 +70,9 @@ add_action( 'wp_enqueue_scripts', 'efn_deregister_scripts' );</code>
 
 == Changelog ==
 
+= 1.1.5 =
+* WordPress 5.5 compatability
+
 = 1.1.4 =
 * Fixing typo on FAQ page