fix sanitization

Andrew-Paystack · Andrew-Paystack · commit 909abbd5a59a · 2025-04-22T14:13:01.000+03:00
diff --git a/includes/classes/class-field-shortcodes.php b/includes/classes/class-field-shortcodes.php
@@ -43,7 +43,9 @@ public function text_field( $atts ) {
 			$atts,
 			'text'
 		);
-	
+		
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
+
 		// translators: %s: input field name to be entered by the user
 		$name     = sanitize_text_field( sprintf( esc_attr__( 'Enter %s', 'pff-paystack' ), $atts['name'] ) );
 		$required = $atts['required'] === 'required' ? 'required' : '';
@@ -78,6 +80,8 @@ public function textarea_field( $atts ) {
 			'textarea'
 		);
 
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
+		
 		// translators: %s: textarea field to be entered by the user
 		$name     = sanitize_text_field( sprintf( esc_attr__( 'Enter %s', 'pff-paystack' ), $atts['name'] ) );
 		$required = $atts['required'] === 'required' ? 'required' : '';
@@ -156,7 +160,9 @@ public function input_field( $atts ) {
 			$atts,
 			'input'
 		);
-
+		
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
+		
 		$name       = sanitize_text_field( $atts['name'] );
 		$required   = $atts['required'] === 'required' ? 'required' : '';
 		$fileInputId = uniqid( 'file-input-' );
@@ -195,7 +201,9 @@ public function datepicker_field( $atts ) {
 			$atts,
 			'datepicker'
 		);
-	
+		
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
+
 		// translators: %s: datepicker field to be selected by the user
 		$name     = sanitize_text_field( sprintf( esc_attr__( 'Enter %s', 'pff-paystack' ), $atts['name'] ) );
 		$required = $atts['required'] === 'required' ? 'required' : '';
@@ -230,6 +238,7 @@ public function select_field( $atts ) {
 			$atts,
 			'select'
 		);
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
 	
 		$name     = sanitize_text_field( $atts['name'] );
 		$options  = array_map( 'sanitize_text_field', explode( ',', $atts['options'] ) );
@@ -271,7 +280,9 @@ public function radio_field( $atts ) {
 			$atts,
 			'radio'
 		);
-	
+		
+		$atts['name'] = sanitize_text_field( esc_attr( esc_html__($atts['name']) ) );
+
 		$name     = sanitize_text_field( $atts['name'] );
 		$options  = array_map( 'sanitize_text_field', explode( ',', $atts['options'] ) );
 		$required = $atts['required'] === 'required' ? 'required' : '';
