- Timestamp:
- 02/01/2024 05:16:53 PM (15 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
wp-user-avatar/trunk/src/ShortcodeParser/Builder/FieldsShortcodeCallback.php
r3026941 r3030229 101 101 102 102 foreach ($atts as $key => $value) { 103 if ( ! in_array($key, $invalid_atts) && is_string($key) && is_string($value)) {103 if ( ! in_array($key, $invalid_atts) && strpos($key, 'on') !== 0 && is_string($key) && is_string($value)) { 104 104 $valid_atts[esc_attr($key)] = esc_attr($value); 105 105 } … … 125 125 126 126 foreach ($atts as $key => $value) { 127 // ensure no leading/trailing space 128 $key = sanitize_text_field(trim($key)); 129 130 // skip all onXYZ attributes eg onclick, onmouseover etc 131 if(strpos($key, 'on') === 0) continue; 132 127 133 // add class to submit button. 128 134 if ($field_name == $this->tag_name . '_submit' && $key == 'class') { … … 131 137 132 138 if ($key != 'required' && ! empty($value)) { 133 $value = esc_attr($value); 134 $key = esc_attr($key); 135 $output[] = "$key=\"$value\""; 139 $output[] = sprintf('%s="%s"', esc_attr($key), esc_attr($value)); 136 140 } 137 141 }
Note: See TracChangeset
for help on using the changeset viewer.