From 980764063af26bed4f40f6a7d3194588c1c71014 Mon Sep 17 00:00:00 2001 From: Francis Whittle Date: Fri, 8 Nov 2024 10:39:46 +1100 Subject: [PATCH] WPCIVIUX-176 Filter out extra fields that don't validate rather than setting null. --- civicrm-ux.php | 2 +- rest/json-all-events.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/civicrm-ux.php b/civicrm-ux.php index ed55655..f1cfd47 100644 --- a/civicrm-ux.php +++ b/civicrm-ux.php @@ -9,7 +9,7 @@ * Plugin Name: WP CiviCRM UX * Plugin URI: https://github.com/agileware/wp-civicrm-ux * Description: A better user experience for integrating WordPress and CiviCRM - * Version: 1.20.3 + * Version: 1.20.4 * Requires at least: 5.8 * Requires PHP: 7.4 * Requires Plugins: civicrm diff --git a/rest/json-all-events.php b/rest/json-all-events.php index 1363fc8..df9c304 100644 --- a/rest/json-all-events.php +++ b/rest/json-all-events.php @@ -50,8 +50,8 @@ protected function get_events_all() { $start_date = preg_replace("([^0-9-])", "", $_REQUEST['start_date']); $force_login = rest_sanitize_boolean($_REQUEST['force_login'] ?? Shortcode::getDefaultForceLogin()); $redirect_after_login = esc_url($_REQUEST['redirect_after_login']); - $extra_fields = !empty($_REQUEST['extra_fields']) ? explode(',', filter_var($_REQUEST['extra_fields'], FILTER_SANITIZE_STRING)) : []; - $extra_fields = array_map( fn($field) => Civicrm_Ux_Validators::validateAPIFieldName( $field, 'extra_fields' ), $extra_fields ); + $extra_fields = !empty( $_REQUEST['extra_fields'] ) ? explode( ',', $_REQUEST['extra_fields'] ) : []; + $extra_fields = array_filter($extra_fields, fn($field) => Civicrm_Ux_Validators::validateAPIFieldName( $field, 'extra_fields' )); if(!empty($_REQUEST['colors']) && !is_array($_REQUEST['colors'])) { $_REQUEST['colors'] = explode(',', $_REQUEST['colors']);