Permalink
Browse files

Use esc_attr for cleaning $_get in visitor page

  • Loading branch information...
mostafasoufi committed Jul 3, 2017
1 parent 20f7e56 commit 82d06cd069fd9ce0a5d2fedaf1885423d67a1c25
Showing with 1 addition and 0 deletions.
  1. +1 −0 includes/log/last-visitor.php
@@ -22,6 +22,7 @@
$title = htmlentities( $_GET['ip'], ENT_QUOTES );
}
$_get = esc_attr($_get);
$total_visitor = $wpdb->get_var( "SELECT COUNT(*) FROM `{$wpdb->prefix}statistics_visitor`" );
if ( $_get != '%' ) {

0 comments on commit 82d06cd

Please sign in to comment.