Swap direct calls to mc_kses_post for the wp_kses equivalent

joedolson · Jan 7, 2025 · c81272d · c81272d
1 parent 9057835
commit c81272d
Show file tree

Hide file tree

Showing 8 changed files with 15 additions and 15 deletions.
diff --git a/src/includes/widgets/class-my-calendar-mini-widget.php b/src/includes/widgets/class-my-calendar-mini-widget.php
@@ -242,8 +242,8 @@ public function form( $instance ) {
 	 * @return array $instance Updated instance.
 	 */
 	public function update( $new_data, $instance ) {
-		$instance['my_calendar_mini_title']    = mc_kses_post( $new_data['my_calendar_mini_title'] );
-		$instance['my_calendar_mini_time']     = mc_kses_post( $new_data['my_calendar_mini_time'] );
+		$instance['my_calendar_mini_title']    = wp_kses( $new_data['my_calendar_mini_title'], 'mycalendar' );
+		$instance['my_calendar_mini_time']     = wp_kses( $new_data['my_calendar_mini_time'], 'mycalendar' );
 		$instance['my_calendar_mini_category'] = ( in_array( 'all', (array) $new_data['my_calendar_mini_category'], true ) ) ? array() : $new_data['my_calendar_mini_category'];
 		$instance['above']                     = ( isset( $new_data['above'] ) && '' !== $new_data['above'] ) ? $new_data['above'] : 'none';
 		$instance['mc_link']                   = $new_data['mc_link'];

diff --git a/src/includes/widgets/class-my-calendar-simple-search.php b/src/includes/widgets/class-my-calendar-simple-search.php
@@ -88,7 +88,7 @@ public function form( $instance ) {
 	 * @return array $instance Updated instance.
 	 */
 	public function update( $new_settings, $instance ) {
-		$instance['title'] = mc_kses_post( $new_settings['title'] );
+		$instance['title'] = wp_kses( $new_settings['title'], 'mycalendar' );
 		$instance['url']   = esc_url_raw( $new_settings['url'] );
 
 		return $instance;

diff --git a/src/my-calendar-categories.php b/src/my-calendar-categories.php
@@ -375,7 +375,7 @@ function mc_create_category( $category ) {
 		'category_term'    => $term,
 	);
 
-	$add = array_map( 'mc_kses_post', $add );
+	$add = array_map( 'wp_kses_post', $add );
 	/**
 	 * Filter data before inserting a new category.
 	 *

diff --git a/src/my-calendar-event-manager.php b/src/my-calendar-event-manager.php
@@ -788,7 +788,7 @@ function mc_list_events() {
 					$col_head .= mc_table_header( __( 'Author', 'my-calendar' ), $sortbydirection, $sortby, '5', $url );
 					$url       = add_query_arg( 'sort', '6', $admin_url );
 					$col_head .= mc_table_header( __( 'Category', 'my-calendar' ), $sortbydirection, $sortby, '6', $url );
-					echo mc_kses_post( $col_head );
+					echo wp_kses( $col_head, 'mycalendar' );
 					?>
 					</tr>
 				</thead>

diff --git a/src/my-calendar-iframe.php b/src/my-calendar-iframe.php
@@ -62,7 +62,7 @@ function my_calendar_iframe() {
 			$body .= mc_get_event( $mc_id, 'html' );
 		}
 	}
-	echo mc_kses_post( $body );
+	echo wp_kses( $body, 'mycalendar' );
 	?>
 </body>
 </html>

diff --git a/src/my-calendar-locations.php b/src/my-calendar-locations.php
@@ -1398,7 +1398,7 @@ function mc_location_select( $location = false ) {
 				$l .= ' selected="selected"';
 			}
 		}
-		$l    .= '>' . mc_kses_post( stripslashes( $label ) ) . '</option>';
+		$l    .= '>' . esc_html( wp_strip_all_tags( wp_unslash( $label ) ) ) . '</option>';
 		$list .= $l;
 	}
 

diff --git a/src/my-calendar-templates.php b/src/my-calendar-templates.php
@@ -1973,7 +1973,7 @@ function mc_get_template_tag( $event, $key ) {
  * @param string $key Array key in the tags array for data to fetch.
  */
 function mc_template_tag( $data, $key = 'calendar' ) {
-	echo mc_kses_post( mc_get_template_tag( $data, $key ) );
+	echo wp_kses( mc_get_template_tag( $data, $key ), 'mycalendar' );
 }
 
 /**
@@ -1984,7 +1984,7 @@ function mc_template_tag( $data, $key = 'calendar' ) {
  */
 function mc_template_time( $data, $type = 'calendar' ) {
 	$event = $data->event;
-	echo mc_kses_post( mc_time_html( $event, $type ) );
+	echo wp_kses( mc_time_html( $event, $type ), 'mycalendar' );
 }
 
 /**
@@ -2127,7 +2127,7 @@ function mc_template_description( $data, $type = 'calendar' ) {
 	$description = '';
 	if ( mc_output_is_visible( 'description', $type, $event ) ) {
 		if ( '' !== trim( $event->event_desc ) ) {
-			$description = wpautop( stripcslashes( mc_kses_post( $event->event_desc ) ), 1 );
+			$description = wpautop( wp_unslash( $event->event_desc ), 1 );
 			$description = "	<div class='longdesc description'>$description</div>";
 		}
 	}
@@ -2145,7 +2145,7 @@ function mc_template_registration( $data, $type = 'calendar' ) {
 	$event   = $data->event;
 	$tickets = '';
 	if ( mc_output_is_visible( 'tickets', $type, $event ) ) {
-		$info     = wpautop( stripcslashes( mc_kses_post( $event->event_registration ) ) );
+		$info     = wpautop( wp_unslash( $event->event_registration ) );
 		$url      = esc_url( $event->event_tickets );
 		$external = ( $url && mc_external_link( $url ) ) ? 'external' : '';
 		$text     = ( '' !== mc_get_option( 'buy_tickets', '' ) ) ? mc_get_option( 'buy_tickets' ) : __( 'Buy Tickets', 'my-calendar' );
@@ -2169,7 +2169,7 @@ function mc_template_excerpt( $data, $type = 'calendar' ) {
 	$short = '';
 	if ( mc_output_is_visible( 'excerpt', $type, $event ) ) {
 		if ( '' !== trim( $event->event_short ) ) {
-			$short = wpautop( stripcslashes( mc_kses_post( $event->event_short ) ), 1 );
+			$short = wpautop( wp_unslash( $event->event_short ), 1 );
 			$short = "<div class='shortdesc description'>$short</div>";
 		}
 	}

diff --git a/src/templates/legacy-functions.php b/src/templates/legacy-functions.php
@@ -223,13 +223,13 @@ function mc_legacy_template_draw_event( $event, $type, $process_date, $time, $te
 
 			if ( 'true' === $display_desc || mc_output_is_visible( 'description', $type, $event ) ) {
 				if ( '' !== trim( $event->event_desc ) ) {
-					$description = wpautop( stripcslashes( mc_kses_post( $event->event_desc ) ), 1 );
+					$description = wpautop( wp_kses( wp_unslash( $event->event_desc ), 'mycalendar' ), 1 );
 					$description = "	<div class='longdesc description'>$description</div>";
 				}
 			}
 
 			if ( 'true' === $display_reg || mc_output_is_visible( 'tickets', $type, $event ) ) {
-				$info     = wpautop( stripcslashes( mc_kses_post( $event->event_registration ) ) );
+				$info     = wpautop( wp_kses( wp_unslash( $event->event_registration ), 'mycalendar' ), 1 );
 				$url      = esc_url( $event->event_tickets );
 				$external = ( $url && mc_external_link( $url ) ) ? 'external' : '';
 				$text     = ( '' !== mc_get_option( 'buy_tickets', '' ) ) ? mc_get_option( 'buy_tickets' ) : __( 'Buy Tickets', 'my-calendar' );
@@ -243,7 +243,7 @@ function mc_legacy_template_draw_event( $event, $type, $process_date, $time, $te
 
 			if ( 'true' === $display_short || mc_output_is_visible( 'excerpt', $type, $event ) ) {
 				if ( '' !== trim( $event->event_short ) ) {
-					$short = wpautop( stripcslashes( mc_kses_post( $event->event_short ) ), 1 );
+					$short = wpautop( wp_kses( wp_unslash( $event->event_short ), 'mycalendar' ), 1 );
 					$short = "	<div class='shortdesc description'>$short</div>";
 				}
 			}
-Original file line number
+Diff line change
@@ Expand Up / @@ -62,7 +62,7 @@ function my_calendar_iframe() { @@
     			$body .= mc_get_event( $mc_id, 'html' );
     		}
     	}
-    	echo mc_kses_post( $body );
+    	echo wp_kses( $body, 'mycalendar' );
     	?>
     </body>
     </html>
@@ Expand Down @@