New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add user_select field #614
Conversation
…nd WP_User_Query doesn't set default. Move default user shortcode args, so they can be overwritten by values in shorcode setup
…s for partial match
User select
…ster # Conflicts: # dev.php
Happy to merge. These version numbers have gotten in a muddle, but they'll get sorted out in the next proper release. |
|
||
$nonce = isset( $_GET['nonce'] ) ? sanitize_text_field( $_GET['nonce'] ) : null; | ||
$requested_shortcode = isset( $_GET['shortcode'] ) ? sanitize_text_field( $_GET['shortcode'] ) : null; | ||
$requested_attr = isset( $_GET['attr'] ) ? sanitize_text_field( $_GET['attr'] ) : null; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Each of the $_GET
references should have wp_unslash()
before any sanitization is done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@westonruter could you explain a bit more why we need wp_unslash()
. Still learning :) Thank you!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dashaluna sure, WordPress has an unfortunately legacy back-compat feature where it will force all of the input vars like $_GET
and $_POST
to be “slashed”. So for example, if you put in a search for “I'm happy”, then if you look at $_GET['s']
it will actually be I\'m happy
.
For more information, see https://core.trac.wordpress.org/ticket/18322
…queue in select fields using handle
@mattheu @westonruter alright, this should do it :) Over to you guys |
Looks great @dashaluna Thanks! |
* upstream/master: (30 commits) Update notice text Update docs and revert some other modifications Remove loading of scripts from core WP. Grunt task to update. log path location Check for wp-includes and not just that the abspath directory exists Revert adding double tests Update Jasmine Update dev path logic and error if not found Add user_select field (wp-shortcake#614) Update dev examples (wp-shortcake#613) Term select fix (wp-shortcake#612) update pot file (wp-shortcake#596) Create translation file for Japanese (wp-shortcake#594) Add Term Select (wp-shortcake#604) pass correct path to WP update readme Throw fatal if running tests and test install not found Fix JS error If no abspath provided, read from environment variable Allow passing abspath as an option ...
No description provided.