fix: allow html tags in field description

Author: girishpanchal30

classes/input-meta.class.php

@@ -155,7 +155,7 @@ function field_label( $tooltip = true, $desc = true, $asterisk = true ) {
 
 		$asterisk_symbol = ( ! empty( $this->required() ) && $this->title() != '' ) ? '<span class="show_required"> *</span>' : '';
 
-		$show_desc = ( ! empty( $this->desc() ) ) ? '<span class="show_description ppom-input-desc">' . wp_strip_all_tags( html_entity_decode( $this->desc() ) ) . '</span>' : '';
+		$show_desc = ( ! empty( $this->desc() ) ) ? '<span class="show_description ppom-input-desc">' . $this->desc() . '</span>' : '';
 
 		if ( $desc ) {
 			$show_desc = apply_filters( 'ppom_field_description', $show_desc, self::$input_meta );

inc/validation.php

@@ -37,6 +37,8 @@ function ppom_esc_html( $content ) {
 		'onclick'    => array(),
 		'onchange'   => array(),
 		'onkeyup'    => array(),
+		'data-*'     => array(),
+		'style'      => array(),
 	);
 	$allowedposttags['form']     = $allowed_atts;
 	$allowedposttags['label']    = $allowed_atts;
@@ -72,6 +74,7 @@ function ppom_esc_html( $content ) {
 	$allowedposttags['a']        = $allowed_atts;
 	$allowedposttags['b']        = $allowed_atts;
 	$allowedposttags['i']        = $allowed_atts;
+	$allowedposttags['br']       = $allowed_atts;
 	$allowed_tags = wp_kses_allowed_html( 'post' );
 
 	return wp_kses( stripslashes_deep( $content ), $allowed_tags );

templates/frontend/inputs/cropper.php

@@ -41,7 +41,7 @@ class="<?php echo esc_attr( $fm->field_inner_wrapper_classes() ); ?>">
 	<!-- if title of field exist -->
 	<?php if ( $field_label ) : ?>
 		<label class="<?php echo esc_attr( $fm->label_classes() ); ?>"
-			   for="<?php echo esc_attr( $fm->data_name() ); ?>"><?php echo wp_kses( $field_label, array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></label>
+			   for="<?php echo esc_attr( $fm->data_name() ); ?>"><?php echo ppom_esc_html( $field_label ); ?></label>
 	<?php endif ?>
 
 

templates/frontend/inputs/divider.php

@@ -103,7 +103,7 @@
 	if ( $divider_styles == 'style1' ) {
 		if ( $fm->field_label() ) { 
 			?>
-			<h2 class="ppom-divider-with-txt ppom-divider-line ppom-divider-line-clr ppom-divider-txt"><?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></h2>
+			<h2 class="ppom-divider-with-txt ppom-divider-line ppom-divider-line-clr ppom-divider-txt"><?php echo ppom_esc_html( $fm->field_label() ); ?></h2>
 		<?php } else { ?>
 			<hr class="ppom-divider-<?php echo esc_attr( $style1_border ); ?>">
 			<?php 
@@ -113,27 +113,27 @@
 
 	<!--Style 2-->
 	<?php if ( $divider_styles == 'style2' ) { ?>
-		<h2 class="ppom-divider-with-txt ppom-divider-gradient ppom-divider-txt"><?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></h2>
+		<h2 class="ppom-divider-with-txt ppom-divider-gradient ppom-divider-txt"><?php echo ppom_esc_html( $fm->field_label() ); ?></h2>
 	<?php } ?>
 
 	<!--Style 3-->
 	<?php if ( $divider_styles == 'style3' ) { ?>
-		<h2 class="ppom-divider-with-txt ppom-divider-donotcross ppom-divider-txt"><?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></h2>
+		<h2 class="ppom-divider-with-txt ppom-divider-donotcross ppom-divider-txt"><?php echo ppom_esc_html( $fm->field_label() ); ?></h2>
 	<?php } ?>
 
 	<!--Style 4-->
 	<?php if ( $divider_styles == 'style4' ) { ?>
 		<div class="ppom-divider-easy-shadow">
 			<span></span>
-			<span class="ppom-divider-txt"><?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></span>
+			<span class="ppom-divider-txt"><?php echo ppom_esc_html( $fm->field_label() ); ?></span>
 			<span></span>
 		</div>
 	<?php } ?>
 
 	<!--Style 5-->
 	<?php if ( $divider_styles == 'style5' ) { ?>
 
-		<h1 class="ppom-divider-fancy-heading ppom-divider-txt"><?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?></h1>
+		<h1 class="ppom-divider-fancy-heading ppom-divider-txt"><?php echo ppom_esc_html( $fm->field_label() ); ?></h1>
 		<div class="ppom-divider-fancy-line">
 			<span></span>
 		</div>

templates/frontend/inputs/file.php

@@ -38,7 +38,7 @@ class="<?php echo esc_attr( $fm->field_inner_wrapper_classes() ); ?>">
 			class="<?php echo esc_attr( $fm->label_classes() ); ?>"
 			for="<?php echo esc_attr( $fm->data_name() ); ?>"
 		>
-			<?php echo wp_kses( $field_label, array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?>
+			<?php echo ppom_esc_html( $field_label ); ?>
 		</label>
 	<?php endif ?>
 

templates/frontend/inputs/quantities.php

@@ -51,7 +51,7 @@
 			class="<?php echo esc_attr( $fm->label_classes() ); ?>"
 			for="<?php echo esc_attr( $fm->data_name() ); ?>"
 		>
-		<?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?>
+		<?php echo ppom_esc_html( $fm->field_label() ); ?>
 		</label>
 	<?php endif ?>
 

templates/frontend/inputs/text.php

@@ -54,7 +54,7 @@
 			class="<?php echo esc_attr( $fm->label_classes() ); ?>"
 			for="<?php echo esc_attr( $fm->data_name() ); ?>"
 		>
-		<?php echo wp_kses( $fm->field_label(), array( 'span' => array( 'class' => true, 'data-*' => true, 'title' => true ) ) ); ?>
+		<?php echo ppom_esc_html( $fm->field_label() ); ?>
 		</label>
 	<?php endif ?>