Sanitizing Meta output
Towhidn committed Jul 16, 2017
1 parent a98747d commit 20069f2
Showing 1 changed file with 14 additions and 14 deletions.
28 changes: 14 additions & 14 deletions q2a-ultimate-seo/layer.php
Expand Up @@ -12,27 +12,27 @@ function doctype(){
// Custom Meta(title,description,keywords)
if( ($this->template=='question') and (qa_opt('useo_meta_editor_enable')) ){
$metas = json_decode(qa_db_postmeta_get($this->content['q_view']['raw']['postid'], 'useo-meta-info'),true);
$this->meta_title = @$metas['title'];
$this->meta_description = @$metas['description'];
$this->meta_keywords = @$metas['keywords'];
$this->meta_title = htmlspecialchars(@$metas['title']);
$this->meta_description = htmlspecialchars(@$metas['description']);
$this->meta_keywords = htmlspecialchars(@$metas['keywords']);
}
// Generate Social Meta Tags
$page_url = @$this->content['canonical'];
if(! empty($this->meta_description))
$description = $this->meta_description;
$description = htmlspecialchars($this->meta_description);
else
$description = @$this->content['description'];
$description = htmlspecialchars(@$this->content['description']);
if(! empty($this->meta_title))
$title = $this->meta_title;
$title = htmlspecialchars($this->meta_title);
else
$title = @$this->content['q_view']['raw']['title'];
$title = htmlspecialchars(@$this->content['q_view']['raw']['title']);

if($this->template=='question'){
if(qa_opt('useo_social_enable_editor')){
$this->social_metas = json_decode(qa_db_postmeta_get($this->content['q_view']['raw']['postid'], 'useo-social-info'),true);
if(count($this->social_metas))
foreach ($this->social_metas as $index => $variable){
$this->metas[$index]['content'] = $variable;
$this->metas[$index]['content'] = htmlspecialchars($variable);
$this->metas[$index]['type'] = '';
}
}
Expand Down Expand Up @@ -74,7 +74,7 @@ function doctype(){
// description
$useo_social_tc_desc_length = qa_opt('useo_social_og_desc_length');
if($useo_social_tc_desc_length<=0)
$useo_social_tc_desc_length = 120;
$useo_social_tc_desc_length = 120;
$this->metas['tc-description']['content'] = useo_get_excerpt($description, 0, $useo_social_tc_desc_length);
$this->metas['tc-description']['type'] = 'property="twitter:description"';
// image
Expand Down Expand Up @@ -223,7 +223,7 @@ function head_title()
$title_template = qa_opt('useo_title_qa_item');
if(! empty($title_template) ){
$search = array( '%site-title%', '%question-title%', '%category-name%');
$replace = array(qa_opt('site_title'), @$this->content['q_view']['raw']['title'], $category_name);
$replace = array(qa_opt('site_title'), htmlspecialchars(@$this->content['q_view']['raw']['title']), $category_name);
$title = str_replace($search, $replace, $title_template);
}
}else{
Expand Down Expand Up @@ -430,10 +430,10 @@ function head_title()
if($this->template=='question'){
// setup custom meta keyword
if (! empty($this->meta_keywords))
$this->content['keywords'] = $this->meta_keywords;
$this->content['keywords'] = htmlspecialchars($this->meta_keywords);
// setup custom meta description
if (! empty($this->meta_description))
$this->content['description'] = $this->meta_description;
$this->content['description'] = htmlspecialchars($this->meta_description);
// if there was no custom meta description and it's supposed to read it from answers do it, otherwise don't change it
elseif(qa_opt('useo_meta_desc_ans_enable')){
$lenght = (int)qa_opt('useo_meta_desc_length');
Expand Down Expand Up @@ -499,7 +499,7 @@ function main_parts($content)
</tr>
<tr>
<td class="qa-form-tall-data">
<input placeholder="' . $this->content['q_view']['raw']['title'] . '" id="useo-meta-editor-title" class="qa-form-tall-text" type="text" value="'. $this->meta_title .'" name="useo-meta-editor-title">
<input placeholder="' . htmlspecialchars($this->content['q_view']['raw']['title']) . '" id="useo-meta-editor-title" class="qa-form-tall-text" type="text" value="'. $this->meta_title .'" name="useo-meta-editor-title">
</td>
</tr>
</tbody>
Expand All @@ -512,7 +512,7 @@ function main_parts($content)
</tr>
<tr>
<td class="qa-form-tall-data">
<textarea placeholder="' . $this->content['description'] . '" id="useo-meta-editor-description" class="qa-form-tall-text" cols="40" rows="3" name="useo-meta-editor-description">'. $this->meta_description .'</textarea>
<textarea placeholder="' . htmlspecialchars($this->content['description']) . '" id="useo-meta-editor-description" class="qa-form-tall-text" cols="40" rows="3" name="useo-meta-editor-description">'. $this->meta_description .'</textarea>
</td>
</tr>
</tbody>
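Review bot: The custom meta values are escaped twice on the new side: `$this->meta_title`, `$this->meta_description` and `$this->meta_keywords` already go through `htmlspecialchars()` where they are assigned in the first hunk of `doctype()`, and the later reads (`$description = htmlspecialchars($this->meta_description);`, `$title = htmlspecialchars($this->meta_title);`, and the two `$this->content[...]` assignments in the hunk starting at line 430) encode them again, so a stored `&` or `"` comes out as `&amp;amp;` / `&amp;quot;` in the social tags and the keywords/description. Escape once: either keep the properties raw and escape at every sink, which then has to include the `value="'. $this->meta_title .'"` attribute and the textarea body in `main_parts()`, or keep the assignment-time escaping and read the properties back unchanged, e.g. `$title = $this->meta_title;`. Passing flags and charset explicitly, `htmlspecialchars($s, ENT_QUOTES, 'UTF-8')`, would also make the attribute escaping independent of the PHP version's defaults. The bodies of `doctype()`, `head_title()` and `main_parts()` extend beyond the hunks shown, so whether these values are escaped again at output could not be checked here.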