Sanitize, not escape.

Jason Cosper 2023-01-05 17:35:16 -08:00
parent b76c6cafe7
commit 009419a826

@ -3,7 +3,7 @@
* Biscotti * Biscotti
* *
* Biscotti is a plugin that modifies the expiration of the logged in user * Biscotti is a plugin that modifies the expiration of the logged in user
* cookie in WordPress to three months, six months, or one year. Because * cookie in WordPress to three months, six months, or one year. Because
* some people hate to have to keep entering their passwords. * some people hate to have to keep entering their passwords.
* *
* @package Biscotti * @package Biscotti
@ -67,7 +67,7 @@ function biscotti_login_cookie_expiration_form_fields_update( $user_id )
if (! current_user_can('edit_user', $user_id) ) { if (! current_user_can('edit_user', $user_id) ) {
return; return;
} }
update_user_meta($user_id, 'biscotti_login_cookie_expiration', esc_attr($_POST['biscotti_login_cookie_expiration'])); update_user_meta($user_id, 'biscotti_login_cookie_expiration', sanitize_text_field($_POST['biscotti_login_cookie_expiration']));
} }
// Save the chosen login cookie expiration date when the user profile is updated. // Save the chosen login cookie expiration date when the user profile is updated.
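Review bot: The value passed to `update_user_meta()` is still any string the client chooses. `sanitize_text_field()` strips tags and stray whitespace, but it does not limit `$_POST['biscotti_login_cookie_expiration']` to the three durations the plugin offers. The code that reads this meta is outside the hunk, but if it feeds the auth-cookie lifetime, an unexpected value could yield a wrong or much longer session. I would read the field defensively with `$value = sanitize_text_field( wp_unslash( $_POST['biscotti_login_cookie_expiration'] ?? '' ) );` and only save when `in_array( $value, $allowed, true )`, where `$allowed` is the list of option values the form renders. The function starts above the hunk, so confirm there that a nonce is verified before this write, or that it runs only on core's profile-update hooks.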