fix(templates): remove wp_kses_post for parent templates

7062802b · Marcin Kolanko · d6c43c76 · 7062802b · 7062802b · 7062802b
Commit 7062802b authored 3 years ago by Marcin Kolanko
--- a/templates/button.php
+++ b/templates/button.php
@@ -33,3 +33,4 @@
 		readonly="readonly"<?php endif; ?>
 ><?php echo \esc_html( $field->get_label() ); ?></button>
--- a/templates/form-field.php
+++ b/templates/form-field.php
@@ -11,22 +11,12 @@
 <tr valign="top">
 	<?php if ( $field->has_label() ) : ?>
-		<?php echo wp_kses_post( $renderer->render( 'form-label', [ 'field' => $field ] ) ); ?>
+		<?php echo $renderer->render( 'form-label', [ 'field' => $field ] );  // phpcs:ignore ?>
 	<?php endif; ?>
 	<td class="forminp">
 		<?php
-		echo wp_kses_post(
+		echo $renderer->render( $template_name, [ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ]); // phpcs:ignore
-			$renderer->render(
-				$template_name,
-				[
-					'field'       => $field,
-					'renderer'    => $renderer,
-					'name_prefix' => $name_prefix,
-					'value'       => $value,
-				]
-			)
-		);
 		?>
 		<?php if ( $field->has_description() ) : ?>

--- a/templates/form-label.php
+++ b/templates/form-label.php
@@ -9,7 +9,7 @@
 <th class="titledesc" scope="row">
 	<label for="<?php echo \esc_attr( $field->get_id() ); ?>"><?php echo \esc_html( $field->get_label() ); ?>
 		<?php if ( $field->has_description_tip() ) : ?>
-			<?php echo esc_html( wc_help_tip( $field->get_description_tip() ) ); ?>
+			<?php echo wp_kses_post( wc_help_tip( $field->get_description_tip() ) ); ?>
 		<?php endif ?>
 	</label>
 </th>
--- a/templates/input-checkbox.php
+++ b/templates/input-checkbox.php
@@ -10,14 +10,4 @@
 ?>
 <?php
-echo wp_kses_post(
+echo $renderer->render( 'input', [ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ] );  // phpcs:ignore;
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);
--- a/templates/input-date-picker.php
+++ b/templates/input-date-picker.php
@@ -7,14 +7,5 @@
 * @var string $template_name Real field template.
 */
-echo wp_kses_post(
+echo $renderer->render( 'input',[ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ]); // phpcs:ignore
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);
--- a/templates/input-hidden.php
+++ b/templates/input-hidden.php
@@ -9,14 +9,4 @@
 ?>
 <?php
-echo wp_kses_post(
+echo $renderer->render( 'input', [ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ] ); // phpcs:ignore
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);
--- a/templates/input-image.php
+++ b/templates/input-image.php
@@ -13,15 +13,23 @@ $media_container_id = 'media_' . sanitize_key( $field->get_id() );
 			id="<?php echo \esc_attr( $field->get_id() ); ?>"/>
 	<div class="custom-img-container">
 		<?php if ( $value ) : ?>
-            <img src="<?php echo \esc_url( $value ) ?>" alt="" width="100"/>
+			<img src="<?php echo \esc_url( $value ); ?>" alt="" width="100"/>
 		<?php endif; ?>
 	</div>
 	<p class="hide-if-no-js">
-        <a class="upload-custom-img <?php if ( $value ): ?>hidden<?php endif ?>" href="<?php echo \esc_url( $value ) ?>">
+		<a class="upload-custom-img 
-			<?php \esc_html_e( 'Set image', 'wp-forms' ) ?>
+		<?php
+		if ( $value ) :
+			?>
+			hidden<?php endif ?>" href="<?php echo \esc_url( $value ); ?>">
+			<?php \esc_html_e( 'Set image', 'wp-forms' ); ?>
 		</a>
-        <a class="delete-custom-img <?php if ( ! $value ): ?>hidden<?php endif ?>" href="#">
+		<a class="delete-custom-img 
-			<?php \esc_html_e( 'Remove image', 'wp-forms' ) ?>
+		<?php
+		if ( ! $value ) :
+			?>
+			hidden<?php endif ?>" href="#">
+			<?php \esc_html_e( 'Remove image', 'wp-forms' ); ?>
 		</a>
 	</p>
 </div>

--- a/templates/input-number.php
+++ b/templates/input-number.php
@@ -7,14 +7,4 @@
 * @var string $template_name Real field template.
 */
-echo wp_kses_post(
+echo $renderer->render( 'input', ['field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix,'value' => $value ] ); // phpcs:ignore
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);
--- a/templates/input-radio.php
+++ b/templates/input-radio.php
@@ -9,14 +9,4 @@
 ?>
 <?php
-echo wp_kses_post(
+echo $renderer->render( 'input', [ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ] );  // phpcs:ignore
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);
--- a/templates/input-text.php
+++ b/templates/input-text.php
@@ -7,14 +7,4 @@
 * @var string $template_name Real field template.
 */
-echo wp_kses_post(
+echo $renderer->render( 'input', [ 'field' => $field, 'renderer' => $renderer, 'name_prefix' => $name_prefix, 'value' => $value ] ); // phpcs:ignore
-	$renderer->render(
-		'input',
-		[
-			'field'       => $field,
-			'renderer'    => $renderer,
-			'name_prefix' => $name_prefix,
-			'value'       => $value,
-		]
-	)
-);