
Commit 5c00602

committed
sanitization
1 parent 9b12dce commit 5c00602


2 files changed

+182
-2
lines changed


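--- a/fancybox.php
+++ b/fancybox.php
@@ -595,4 +595,184 @@ function fancy_check_if_woocommerce() {
 } else {
 return 'true';
 }
-}
+}
+
+add_filter( 'pre_update_option_mfbfw', 'mfbfw_sanitize_fancy_options' );
+
+function mfbfw_sanitize_fancy_options( $value ){
+$sanitized = $value;
+
+if ( isset( $value['showToolbar'] ) ) {
+$sanitized['showToolbar'] = sanitize_text_field( $value['showToolbar'] );
+}
+
+if ( isset( $value['borderColor'] ) ) {
+$sanitized['borderColor'] = sanitize_text_field( $value['borderColor'] );
+}
+
+if ( isset( $value['paddingColor'] ) ) {
+$sanitized['paddingColor'] = sanitize_text_field( $value['paddingColor'] );
+}
+
+if ( isset( $value['padding'] ) ) {
+$sanitized['padding'] = absint( $value['padding'] );
+}
+
+if ( isset( $value['overlayShow'] ) ) {
+$sanitized['overlayShow'] = sanitize_text_field( $value['overlayShow'] );
+}
+
+if ( isset( $value['overlayColor'] ) ) {
+$sanitized['overlayColor'] = sanitize_text_field( $value['overlayColor'] );
+}
+
+if ( isset( $value['overlayOpacity'] ) ) {
+$sanitized['overlayOpacity'] = (float) sanitize_text_field( $value['overlayOpacity'] );
+}
+
+if ( isset( $value['titleShow'] ) ) {
+$sanitized['titleShow'] = sanitize_text_field( $value['titleShow'] );
+}
+
+if ( isset( $value['titleSize'] ) ) {
+$sanitized['titleSize'] = absint( $value['titleSize'] );
+}
+
+if ( isset( $value['titlePosition'] ) ) {
+$sanitized['titlePosition'] = sanitize_text_field( $value['titlePosition'] );
+}
+
+if ( isset( $value['titleColor'] ) ) {
+$sanitized['titleColor'] = sanitize_text_field( $value['titleColor'] );
+}
+
+if ( isset( $value['showNavArrows'] ) ) {
+$sanitized['showNavArrows'] = sanitize_text_field( $value['showNavArrows'] );
+}
+
+if ( isset( $value['zoomOpacity'] ) ) {
+$sanitized['zoomOpacity'] = sanitize_text_field( $value['zoomOpacity'] );
+}
+
+if ( isset( $value['transitionIn'] ) ) {
+$sanitized['transitionIn'] = sanitize_text_field( $value['transitionIn'] );
+}
+
+if ( isset( $value['zoomSpeedIn'] ) ) {
+$sanitized['zoomSpeedIn'] = absint( $value['zoomSpeedIn'] );
+}
+
+if ( isset( $value['transitionEffect'] ) ) {
+$sanitized['transitionEffect'] = sanitize_text_field( $value['transitionEffect'] );
+}
+
+if ( isset( $value['zoomSpeedChange'] ) ) {
+$sanitized['zoomSpeedChange'] = absint( $value['zoomSpeedChange'] );
+}
+
+if ( isset( $value['hideOnOverlayClick'] ) ) {
+$sanitized['hideOnOverlayClick'] = sanitize_text_field( $value['hideOnOverlayClick'] );
+}
+
+if ( isset( $value['enableEscapeButton'] ) ) {
+$sanitized['enableEscapeButton'] = sanitize_text_field( $value['enableEscapeButton'] );
+}
+
+if ( isset( $value['galleryType'] ) ) {
+$sanitized['galleryType'] = sanitize_text_field( $value['galleryType'] );
+}
+
+if ( isset( $value['autoDimensions'] ) ) {
+$sanitized['autoDimensions'] = sanitize_text_field( $value['autoDimensions'] );
+}
+
+if ( isset( $value['frameWidth'] ) ) {
+$sanitized['frameWidth'] = absint( $value['frameWidth'] );
+}
+
+if ( isset( $value['frameHeight'] ) ) {
+$sanitized['frameHeight'] = absint( $value['frameHeight'] );
+}
+
+if ( isset( $value['callbackEnable'] ) ) {
+$sanitized['callbackEnable'] = sanitize_text_field( $value['callbackEnable'] );
+}
+
+if ( isset( $value['loadAtFooter'] ) ) {
+$sanitized['loadAtFooter'] = sanitize_text_field( $value['loadAtFooter'] );
+}
+
+if ( isset( $value['showCloseButton'] ) ) {
+$sanitized['showCloseButton'] = sanitize_text_field( $value['showCloseButton'] );
+}
+
+if ( isset( $value['border'] ) ) {
+$sanitized['border'] = sanitize_text_field( $value['border'] );
+}
+
+if ( isset( $value['captionShow'] ) ) {
+$sanitized['captionShow'] = sanitize_text_field( $value['captionShow'] );
+}
+
+if ( isset( $value['hideOnContentClick'] ) ) {
+$sanitized['hideOnContentClick'] = sanitize_text_field( $value['hideOnContentClick'] );
+}
+
+if ( isset( $value['cyclic'] ) ) {
+$sanitized['cyclic'] = sanitize_text_field( $value['cyclic'] );
+}
+
+if ( isset( $value['mouseWheel'] ) ) {
+$sanitized['mouseWheel'] = sanitize_text_field( $value['mouseWheel'] );
+}
+
+if ( isset( $value['zoomOnClick'] ) ) {
+$sanitized['zoomOnClick'] = sanitize_text_field( $value['zoomOnClick'] );
+}
+
+if ( isset( $value['disableWoocommercePages'] ) ) {
+$sanitized['disableWoocommercePages'] = sanitize_text_field( $value['disableWoocommercePages'] );
+}
+
+if ( isset( $value['disableWoocommerceProducts'] ) ) {
+$sanitized['disableWoocommerceProducts'] = sanitize_text_field( $value['disableWoocommerceProducts'] );
+}
+
+if ( isset( $value['exclude_pdf'] ) ) {
+$sanitized['exclude_pdf'] = sanitize_text_field( $value['exclude_pdf'] );
+}
+
+if ( isset( $value['disableOnMobile'] ) ) {
+$sanitized['disableOnMobile'] = sanitize_text_field( $value['disableOnMobile'] );
+}
+
+if ( isset( $value['extraCallsData'] ) ) {
+$sanitized['extraCallsData'] = strip_tags( $value['extraCallsData'] );
+}
+
+if ( isset( $value['callbackOnStart'] ) ) {
+$sanitized['callbackOnStart'] = strip_tags( $value['callbackOnStart'] );
+}
+
+if ( isset( $value['callbackOnCancel'] ) ) {
+$sanitized['callbackOnCancel'] = strip_tags( $value['callbackOnCancel'] );
+}
+
+if ( isset( $value['callbackOnComplete'] ) ) {
+$sanitized['callbackOnComplete'] = strip_tags( $value['callbackOnComplete'] );
+}
+
+if ( isset( $value['callbackOnCleanup'] ) ) {
+$sanitized['callbackOnCleanup'] = strip_tags( $value['callbackOnCleanup'] );
+}
+
+if ( isset( $value['callbackOnClose'] ) ) {
+$sanitized['callbackOnClose'] = strip_tags( $value['callbackOnClose'] );
+}
+
+if ( isset( $value['customExpression'] ) ) {
+$sanitized['customExpression'] = strip_tags( $value['customExpression'] );
+}
+
+return $sanitized;
+}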
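Review bot: `$sanitized = $value;` (new line 603) seeds the result with the raw input, so any key without an `isset()` branch below is saved exactly as submitted, and a non-array `$value` is returned untouched. If the option holds no keys beyond the ones listed, starting from `$sanitized = array();` after an `if ( ! is_array( $value ) ) { return array(); }` guard turns the function into an allowlist. The seven `strip_tags()` fields (`extraCallsData`, the `callbackOn*` entries, `customExpression`) appear from their names to hold JavaScript; if they are printed into a script block (the output code is not in this hunk), removing HTML tags does not limit what the stored script can do and can mangle expressions containing `<`, so saving them is better gated on a capability such as `current_user_can( 'unfiltered_html' )`. A short docblock stating that the function runs on `pre_update_option_mfbfw` and lists which sanitizer each group of keys gets would also help the next reader.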

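--- a/lib/admin-head.php
+++ b/lib/admin-head.php
@@ -5,7 +5,7 @@
 
 
 // Get array with all the options
-$settings = get_option( 'mfbfw' );
+$settings = mfbfw_sanitize_fancy_options( get_option( 'mfbfw' ) );
 
 // Get Version
 $version = get_option('mfbfw_active_version');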
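Review bot: Wrapping this one `get_option( 'mfbfw' )` read cleans values stored before the save filter existed, but only here; with two files changed in this commit, any other reader of the option (front-end output, for example, if one exists) still receives the legacy values until the settings are saved again. `sanitize_text_field()` is also input cleaning rather than output escaping, so wherever `$settings` entries are echoed further down this file (outside the hunk) they still need `esc_attr()` or `esc_js()` to match the context. A one-time upgrade step that passes the stored option back through `update_option()` would cover every reader without sanitizing on each page load.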
