Skip to content

Commit

Permalink
Fix disconnect button - escape HTML attribute
Browse files Browse the repository at this point in the history
  • Loading branch information
jakubboucek committed Feb 5, 2021
1 parent 859344b commit 3545b68
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/Settings.php
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,11 @@ public function field_type_disconnect_button(
$object_type,
$field_type_object
) {
printf( '<a href="%s">%s</a>', admin_url( 'admin.php?page=ssc_options&disconnect_simpleshop=1' ), __( 'Disconnect Simple Shop', 'simpleshop-cz' ) );
printf(
'<a href="%s">%s</a>',
htmlspecialchars( admin_url( 'admin.php?page=ssc_options&disconnect_simpleshop=1' ) , ENT_QUOTES),
__( 'Disconnect Simple Shop', 'simpleshop-cz' )
);
}

/**
Expand Down Expand Up @@ -389,6 +393,7 @@ public function settings_notices( $object_id, $updated ) {

add_settings_error( $this->key . '-error', '', __( 'Error during communication with SimpleShop API, please try it later', 'simpleshop-cz' ), 'error' );
settings_errors( $this->key . '-error' );

return;
}

Expand Down

0 comments on commit 3545b68

Please sign in to comment.