Business Profile - Version 2.0.5

Version Description

(2020-04-08) = - Updating a few input fields to correct for possible minor XSS issues

Download this release

Release Info

Developer Rustaurius
Plugin Icon 128x128 Business Profile
Version 2.0.5
Comparing to
See all releases

Code changes from version 2.0.4 to 2.0.5

Files changed (4) hide show
  1. business-profile.php +1 -1
  2. includes/class-custom-post-types.php +1 -1
  3. includes/class-schema-cpt.php +2 -2
  4. readme.txt +3 -0
business-profile.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: Five Star Business Profile and Schema
4
  * Plugin URI: https://www.fivestarplugins.com/plugins/business-profile/
5
  * Description: Add schema structured data to any page or post type. Create an SEO friendly contact card with your business info and associated schema. Supports Google Map, opening hours and more.
6
- * Version: 2.0.4
7
  * Author: Five Star Plugins
8
  * Author URI: https://www.fivestarplugins.com
9
  * License: GPLv3
3
  * Plugin Name: Five Star Business Profile and Schema
4
  * Plugin URI: https://www.fivestarplugins.com/plugins/business-profile/
5
  * Description: Add schema structured data to any page or post type. Create an SEO friendly contact card with your business info and associated schema. Supports Google Map, opening hours and more.
6
+ * Version: 2.0.5
7
  * Author: Five Star Plugins
8
  * Author URI: https://www.fivestarplugins.com
9
  * License: GPLv3
includes/class-custom-post-types.php CHANGED
@@ -623,7 +623,7 @@ if ( ! class_exists( 'bpfwpCustomPostTypes', false ) ) :
623
  else {
624
  echo '<label for="field_defaults">' . $field->name . '</label>';
625
  //echo '<div class="bpfwp-clear"></div>';
626
- echo '<input type="text" class="bpfwp-schema-defaults-field" name="field_defaults[' . $field_prefix . '_' . $field->slug .']" value="' . ( isset($field_defaults[$field_prefix . '_' . $field->slug]) ? $field_defaults[$field_prefix . '_' . $field->slug] : "" ) . '" placeholder="' . $field->callback . '" data-field_id="' . $this->field_id . '">';
627
  if ( $bpfwp_controller->settings->get_setting( 'schema-default-helpers' ) ) { echo '<span class="bpfwp-schema-defaults-helper dashicons dashicons-arrow-down-alt2" data-field_id="' . $this->field_id . '"></span>'; }
628
  echo '<div class="bpfwp-clear"></div>';
629
 
623
  else {
624
  echo '<label for="field_defaults">' . $field->name . '</label>';
625
  //echo '<div class="bpfwp-clear"></div>';
626
+ echo '<input type="text" class="bpfwp-schema-defaults-field" name="field_defaults[' . $field_prefix . '_' . $field->slug .']" value="' . ( isset($field_defaults[$field_prefix . '_' . $field->slug]) ? esc_attr( $field_defaults[$field_prefix . '_' . $field->slug] ) : "" ) . '" placeholder="' . $field->callback . '" data-field_id="' . $this->field_id . '">';
627
  if ( $bpfwp_controller->settings->get_setting( 'schema-default-helpers' ) ) { echo '<span class="bpfwp-schema-defaults-helper dashicons dashicons-arrow-down-alt2" data-field_id="' . $this->field_id . '"></span>'; }
628
  echo '<div class="bpfwp-clear"></div>';
629
 
includes/class-schema-cpt.php CHANGED
@@ -314,7 +314,7 @@ if ( ! class_exists( 'bpfwpSchemaCPT' ) ) :
314
  echo '<label class="' . ( $field->recommended ? 'recommended' : '' ) . '" for="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']">' . $field->name . '</label>';
315
 
316
  echo '<textarea name="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']" placeholder="' . ( isset($placeholder) ? $placeholder : "" ) . '">';
317
- echo isset($value) ? $value : '';
318
  echo '</textarea>';
319
  break;
320
 
@@ -324,7 +324,7 @@ if ( ! class_exists( 'bpfwpSchemaCPT' ) ) :
324
 
325
  echo '<label class="' . ( $field->recommended ? 'recommended' : '' ) . '" for="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']">' . $field->name . '</label>';
326
 
327
- echo '<input type="' . $field->input . '" name="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']" placeholder="' . ( isset($placeholder) ? $placeholder : '' ) . '" value="' . ( isset($value) ? $value : '' ) . '" />';
328
  }
329
 
330
  return $child_depth;
314
  echo '<label class="' . ( $field->recommended ? 'recommended' : '' ) . '" for="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']">' . $field->name . '</label>';
315
 
316
  echo '<textarea name="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']" placeholder="' . ( isset($placeholder) ? $placeholder : "" ) . '">';
317
+ echo isset($value) ? esc_html( $value ) : '';
318
  echo '</textarea>';
319
  break;
320
 
324
 
325
  echo '<label class="' . ( $field->recommended ? 'recommended' : '' ) . '" for="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']">' . $field->name . '</label>';
326
 
327
+ echo '<input type="' . $field->input . '" name="' . $this->schema_type . '[' . $field_prefix . '_' . $field->slug . '][' . $count . ']" placeholder="' . ( isset($placeholder) ? $placeholder : '' ) . '" value="' . ( isset($value) ? esc_html( $value ) : '' ) . '" />';
328
  }
329
 
330
  return $child_depth;
readme.txt CHANGED
@@ -187,6 +187,9 @@ You'll find more help in the [User Guide](http://doc.themeofthecrop.com/plugins/
187
 
188
  == Changelog ==
189
 
 
 
 
190
  = 2.0.4 (2020-03-27) =
191
  - Added link/the ability to click to call to phone numbers in the contact card
192
  - Added all the Organization types from the schema functionality as options in the Schema Type setting for the contact card
187
 
188
  == Changelog ==
189
 
190
+ = 2.0.5 (2020-04-08) =
191
+ - Updating a few input fields to correct for possible minor XSS issues
192
+
193
  = 2.0.4 (2020-03-27) =
194
  - Added link/the ability to click to call to phone numbers in the contact card
195
  - Added all the Organization types from the schema functionality as options in the Schema Type setting for the contact card