From b47f6d968b518499ea6d70bbc0e6f23820a8d2fd Mon Sep 17 00:00:00 2001 From: padams Date: Fri, 17 Sep 2021 23:01:44 +0000 Subject: [PATCH] more escaping --- owa-plugin.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/owa-plugin.php b/owa-plugin.php index 579e0fb..923fe3a 100644 --- a/owa-plugin.php +++ b/owa-plugin.php @@ -298,7 +298,7 @@ function addFeedTrackingQueryParams() { global $wp; // feed tracking param - $wp->add_query_var('owa_sid'); + $wp->add_query_var( $this->getOption( 'feed_subscription_param' ) ); } @@ -605,7 +605,7 @@ function decorateFeedEntryPermalink($link) { 'owa_medium', $this->getOption( 'feed_tracking_medium' ), $this->getOption( 'feed_subscription_param' ), - $_GET[ $this->getOption( 'feed_subscription_param' ) ] + esc_attr( get_query_var( $this->getOption( 'feed_subscription_param' ) ) ) ); } } @@ -840,7 +840,7 @@ function trackFeedRequest() { $event->setEventType( 'base.feed_request' ); // determine and set the type of feed $event->set( 'feed_format', get_query_var( 'feed' ) ); - $event->set( 'feed_subscription_id', get_query_var( 'owa_sid' ) ); + $event->set( 'feed_subscription_id', get_query_var( $this->getOption( 'feed_subscription_param' ) ) ); //$event->set( 'feed_subscription_id', $_GET['owa_sid'] ); // track $owa->trackEvent( $event );