diff --git wordcamp.org/public_html/wp-content/plugins/wc-post-types/wc-post-types.php wordcamp.org/public_html/wp-content/plugins/wc-post-types/wc-post-types.php
index 43f3413e..3a37eb02 100644
|
|
|
class WordCamp_Post_Types_Plugin { |
| 1822 | 1822 | return; |
| 1823 | 1823 | } |
| 1824 | 1824 | |
| 1825 | | if ( isset( $_POST['wcpt-meta-sponsor-info'] ) && wp_verify_nonce( $_POST['wcpt-meta-sponsor-info'], 'edit-sponsor-info' ) ) { |
| | 1825 | if ( wp_verify_nonce( filter_input( INPUT_POST, 'wcpt-meta-sponsor-info' ), 'edit-sponsor-info' ) ) { |
| 1826 | 1826 | $text_values = array( |
| 1827 | 1827 | 'company_name', 'first_name', 'last_name', 'email_address', 'phone_number', 'vat_number', 'twitter_handle', |
| 1828 | 1828 | 'street_address1', 'street_address2', 'city', 'state', 'zip_code', 'country' |
| 1829 | 1829 | ); |
| 1830 | 1830 | |
| 1831 | 1831 | foreach ( $text_values as $id ) { |
| 1832 | | $values[ $id ] = sanitize_text_field( $_POST["_wcpt_sponsor_$id"] ); |
| | 1832 | $values[ $id ] = sanitize_text_field( filter_input( INPUT_POST, '_wcpt_sponsor_' . $id ) ); |
| 1833 | 1833 | } |
| 1834 | 1834 | |
| 1835 | | $values['website'] = esc_url_raw( $_POST['_wcpt_sponsor_website'] ); |
| | 1835 | $values['website'] = esc_url_raw( filter_input( INPUT_POST, '_wcpt_sponsor_website' ) ); |
| 1836 | 1836 | // TODO: maybe only allows links to home page, depending on outcome of http://make.wordpress.org/community/2013/12/31/irs-rules-for-corporate-sponsorship-of-wordcamp/ |
| 1837 | 1837 | |
| 1838 | 1838 | $values['first_name'] = ucfirst( $values['first_name'] ); |