diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2022-02-12 20:46:22 +0100 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2022-02-12 20:46:22 +0100 |
| commit | a826c6ab358e64524c4a1c1ce180404fb937993a (patch) | |
| tree | 2a56e435f8978f5265a5300558720d51e3f9f3c2 /includes/admin/views/_concerts_table.php | |
| parent | d4cc6c399d12927541efd62c3836a86588b7a9be (diff) | |
| download | gigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.tar.gz gigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.tar.bz2 gigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.zip | |
Fix pagination of concert table.
There's potential vulnerabilities here still, and I'm unsure if
get_permalink() is entirely safe to use in this context. Seems to do the
right thing, but the docs for the function indicates it has some edge
cases.
Diffstat (limited to 'includes/admin/views/_concerts_table.php')
| -rw-r--r-- | includes/admin/views/_concerts_table.php | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/includes/admin/views/_concerts_table.php b/includes/admin/views/_concerts_table.php index 4a9c658..b34fef1 100644 --- a/includes/admin/views/_concerts_table.php +++ b/includes/admin/views/_concerts_table.php @@ -153,27 +153,28 @@ if (!class_exists("GiglogAdmin_ConcertsTable")) $content.='<span class="alignleft">'; if($page_no > 1) { - $content.= "<span><a href='?page_no=1'>First Page </a> - </span>"; + $content.= '<span><a href="'. add_query_arg( 'page_no', 1, get_permalink() ) . '">First Page</a> - </span>'; } if($page_no <= 1) { $content .="<span> </span>"; } else { - $content.= "<span> <a href='?page_no=".$previous_page."' >Previous </a> </span>"; + $content.= '<span> <a href="' . add_query_arg( 'page_no', $previous_page, get_permalink() ) . '">Previous</a></span>'; } $content.='</span>'; $content.='<span class="aligncenter"><div style="padding: 10px 20px 0px; border-top: dotted 1px #CCC;"><strong>Page '.$page_no.' of '.$total_no_of_pages.'</strong></div></span>'; $content.='<span class="alignright">'; - if($page_no >= $total_no_of_pages) { + if ($page_no >= $total_no_of_pages) { $content .= "<span></span>"; } - if($page_no < $total_no_of_pages) { - $content .= '<span><a href="?page_no='.$next_page.'">Next</a> - </span>'; - $content .= "<span><a href='?page_no=".$total_no_of_pages."'>Last Page</a></span>"; + if ($page_no < $total_no_of_pages) { + global $wp; + $content .= '<span><a href="' . add_query_arg( 'page_no', $next_page, get_permalink() ) . '">Next</a> - </span>'; + $content .= '<span><a href="' . add_query_arg( 'page_no', $total_no_of_pages, get_permalink() ) .'">Last Page</a></span>'; } $content.='</span>'; |