summaryrefslogtreecommitdiffstats
path: root/includes/admin
diff options
context:
space:
mode:
authorHarald Eilertsen <haraldei@anduin.net>2022-02-12 20:46:22 +0100
committerHarald Eilertsen <haraldei@anduin.net>2022-02-12 20:46:22 +0100
commita826c6ab358e64524c4a1c1ce180404fb937993a (patch)
tree2a56e435f8978f5265a5300558720d51e3f9f3c2 /includes/admin
parentd4cc6c399d12927541efd62c3836a86588b7a9be (diff)
downloadgigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.tar.gz
gigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.tar.bz2
gigologadmin-a826c6ab358e64524c4a1c1ce180404fb937993a.zip
Fix pagination of concert table.
There's potential vulnerabilities here still, and I'm unsure if get_permalink() is entirely safe to use in this context. Seems to do the right thing, but the docs for the function indicates it has some edge cases.
Diffstat (limited to 'includes/admin')
-rw-r--r--includes/admin/views/_concerts_table.php13
1 files changed, 7 insertions, 6 deletions
diff --git a/includes/admin/views/_concerts_table.php b/includes/admin/views/_concerts_table.php
index 4a9c658..b34fef1 100644
--- a/includes/admin/views/_concerts_table.php
+++ b/includes/admin/views/_concerts_table.php
@@ -153,27 +153,28 @@ if (!class_exists("GiglogAdmin_ConcertsTable"))
$content.='<span class="alignleft">';
if($page_no > 1) {
- $content.= "<span><a href='?page_no=1'>First Page </a> - </span>";
+ $content.= '<span><a href="'. add_query_arg( 'page_no', 1, get_permalink() ) . '">First Page</a> - </span>';
}
if($page_no <= 1) {
$content .="<span> </span>";
}
else {
- $content.= "<span> <a href='?page_no=".$previous_page."' >Previous </a> </span>";
+ $content.= '<span> <a href="' . add_query_arg( 'page_no', $previous_page, get_permalink() ) . '">Previous</a></span>';
}
$content.='</span>';
$content.='<span class="aligncenter"><div style="padding: 10px 20px 0px; border-top: dotted 1px #CCC;"><strong>Page '.$page_no.' of '.$total_no_of_pages.'</strong></div></span>';
$content.='<span class="alignright">';
- if($page_no >= $total_no_of_pages) {
+ if ($page_no >= $total_no_of_pages) {
$content .= "<span></span>";
}
- if($page_no < $total_no_of_pages) {
- $content .= '<span><a href="?page_no='.$next_page.'">Next</a> - </span>';
- $content .= "<span><a href='?page_no=".$total_no_of_pages."'>Last Page</a></span>";
+ if ($page_no < $total_no_of_pages) {
+ global $wp;
+ $content .= '<span><a href="' . add_query_arg( 'page_no', $next_page, get_permalink() ) . '">Next</a> - </span>';
+ $content .= '<span><a href="' . add_query_arg( 'page_no', $total_no_of_pages, get_permalink() ) .'">Last Page</a></span>';
}
$content.='</span>';