Added some additional security relevant code from current dev state.
No3x committed Oct 11, 2015
1 parent 145d0ca commit 9eac8c9
Showing 1 changed file with 10 additions and 13 deletions.
23 changes: 10 additions & 13 deletions WPML_Email_Log_List.php
Expand Up @@ -24,9 +24,9 @@ function __construct() {
global $status, $page, $hook_suffix;

parent::__construct( array(
'singular' => __( 'Email', 'wml' ),//singular name of the listed records
'plural' => __( 'Emails', 'wml' ),//plural name of the listed records
'ajax' => false //does this table support ajax?
'singular' => 'email', // singular name of the listed records
'plural' => 'emails', // plural name of the listed records
'ajax' => false, // does this table support ajax?
) );
}

Expand All @@ -36,7 +36,7 @@ function __construct() {
* @see WP_List_Table::no_items()
*/
function no_items() {
_e( 'No ' . $this->_args['singular'] . ' found.' );
_e( 'No email found.', 'wpml' );
return;
}

Expand Down Expand Up @@ -110,6 +110,8 @@ private function sanitize_order() {
function prepare_items( $search = false ) {
global $wpdb;
$tableName = WPML_Plugin::getTablename( 'mails' );
$orderby = $this->sanitize_orderby();
$order = $this->sanitize_order();

$columns = $this->get_columns();
$hidden = $this->get_hidden_columns();
Expand All @@ -121,11 +123,6 @@ function prepare_items( $search = false ) {
$per_page = $this->get_items_per_page( 'per_page', 25 );
$current_page = $this->get_pagenum();
$total_items = $wpdb->get_var( "SELECT COUNT(*) FROM `$tableName`;" );

$orderby_default = "mail_id";
$order_default = "desc";
$orderby = ( !empty( $_GET['orderby'] ) ) ? $_GET['orderby'] : $orderby_default;
$order = ( !empty($_GET['order'] ) ) ? $_GET['order'] : $order_default;
$offset = ( $current_page-1 ) * $per_page;

$search_query = '';
Expand Down Expand Up @@ -178,7 +175,7 @@ function column_default( $item, $column_name ) {

/**
* Sanitize message to remove unsafe html.
* @since 1.6.0
* @since 1.5.1
* @param $message unsafe message
* @return string safe message
*/
Expand Down Expand Up @@ -236,13 +233,13 @@ function column_attachments( $item ) {
}
}
}
return esc_html( $attachment_append );
return $attachment_append;
}

/**
* Renders all components of the mail.
* @since 1.3
* @param object $item The current item
* @param array $item The current item.
* @return string The mail as html
*/
function render_mail( $item ) {
Expand All @@ -259,7 +256,7 @@ function render_mail( $item ) {
}
}
}
return esc_html( $mailAppend );
return $mailAppend;
}

/**
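Review bot: The last two hunks appear to drop `esc_html()` from the return values of `column_attachments()` and `render_mail()` (new side, as rendered: `return $attachment_append;` and `return $mailAppend;`), so anything concatenated into those strings now reaches the admin log table as raw HTML. Both function bodies begin outside the visible hunks, so it cannot be confirmed from this page that every logged value is escaped where it is appended. Logged mail can contain text supplied by site visitors (form fields, attachment file names), which makes an unescaped return a stored-XSS risk in wp-admin. If the wrapper was removed because it also escaped the markup these functions build themselves, escape each dynamic value at the point of concatenation with `esc_html()` / `esc_attr()`, or filter the result against an allow-list, e.g. `return wp_kses( $mailAppend, $allowed_html );` with `$allowed_html` (placeholder name) limited to the tags the function emits.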
