ウィジェットエリアをサニタイズ

baserproject · Oct 5, 2023 · 709ad7a · 709ad7a
1 parent 68c90e6
commit 709ad7a
Show file tree

Hide file tree

Showing 12 changed files with 12 additions and 12 deletions.
diff --git a/plugins/bc-front/templates/element/widget/local_navi.php b/plugins/bc-front/templates/element/widget/local_navi.php
@@ -37,7 +37,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-local-navi bs-widget-local-navi-<?php echo $id ?>">
+<div class="bs-widget bs-widget-local-navi bs-widget-local-navi-<?php echo h($id) ?>">
 	<?php if ($use_title): ?>
 		<h2 class="bs-widget-head"><?php echo h($title) ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/element/widget/php_template.php b/plugins/bc-front/templates/element/widget/php_template.php
@@ -26,7 +26,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-php-template bs-widget-php-template-<?php echo $id ?>">
+<div class="bs-widget bs-widget-php-template bs-widget-php-template-<?php echo h($id) ?>">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-list"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/element/widget/search.php b/plugins/bc-front/templates/element/widget/search.php
@@ -36,7 +36,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-search-box bs-widget-search-box-<?php echo $id ?>">
+<div class="bs-widget bs-widget-search-box bs-widget-search-box-<?php echo h($id) ?>">
     <h2 class="bs-widget-head"><?php echo $name ?></h2>
     <div class="bs-widget-form">
         <?php echo $this->BcForm->create($searchIndexesFront, ['type' => 'get', 'url' => $url]) ?>

diff --git a/plugins/bc-front/templates/element/widget/text.php b/plugins/bc-front/templates/element/widget/text.php
@@ -23,7 +23,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-text bs-widget-text-<?php echo $id ?>">
+<div class="bs-widget bs-widget-text bs-widget-text-<?php echo h($id) ?>">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_author_archives.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_author_archives.php
@@ -38,7 +38,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-blog-authors bs-widget-blog-authors-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-authors bs-widget-blog-authors-<?php echo h($id) ?> bs-blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_calendar.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_calendar.php
@@ -35,7 +35,7 @@
 ?>
 <?php // TODO コード整理する事  ?>
 
-<div class="bs-widget bs-widget-blog-calendar bs-widget-blog-calendar-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-calendar bs-widget-blog-calendar-<?php echo h($id) ?> bs-blog-widget">
   <?php if ($name && $use_title): ?>
     <h2 class="bs-widget-head"><?php echo $name ?></h2>
   <?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_category_archives.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_category_archives.php
@@ -37,7 +37,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-blog-categories-archives bs-widget-blog-categories-archives-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-categories-archives bs-widget-blog-categories-archives-<?php echo h($id) ?> bs-blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_monthly_archives.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_monthly_archives.php
@@ -33,7 +33,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-blog-monthly-archives bs-widget-blog-monthly-archives-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-monthly-archives bs-widget-blog-monthly-archives-<?php echo h($id) ?> bs-blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_recent_entries.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_recent_entries.php
@@ -32,7 +32,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-blog-recent-entries bs-widget-blog-recent-entries-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-recent-entries bs-widget-blog-recent-entries-<?php echo h($id) ?> bs-blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_tag_archives.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_tag_archives.php
@@ -27,7 +27,7 @@
 ?>
 
 
-<div class="widget widget-blog-authors widget-blog-authors-<?php echo $id ?> blog-widget">
+<div class="widget widget-blog-authors widget-blog-authors-<?php echo h($id) ?> blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_yearly_archives.php b/plugins/bc-front/templates/plugin/BcBlog/element/widget/blog_yearly_archives.php
@@ -34,7 +34,7 @@
 ?>
 
 
-<div class="bs-widget bs-widget-blog-yearly-archives bs-widget-blog-yearly-archives-<?php echo $id ?> bs-blog-widget">
+<div class="bs-widget bs-widget-blog-yearly-archives bs-widget-blog-yearly-archives-<?php echo h($id) ?> bs-blog-widget">
 	<?php if ($name && $use_title): ?>
 		<h2 class="bs-widget-head"><?php echo $name ?></h2>
 	<?php endif ?>

diff --git a/plugins/bc-front/templates/plugin/BcWidgetArea/element/widget_area.php b/plugins/bc-front/templates/plugin/BcWidgetArea/element/widget_area.php
@@ -25,6 +25,6 @@
 ?>
 
 
-<div class="bs-widget-area bs-widget-area-<?php echo $no ?>">
+<div class="bs-widget-area bs-widget-area-<?php echo h($no) ?>">
 	<?php $this->BcWidgetArea->show($no) ?>
 </div>