diff options
Diffstat (limited to 'plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php')
-rw-r--r-- | plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php b/plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php index 9ccca4c1..d520729b 100644 --- a/plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php +++ b/plugins/jetpack/modules/likes/jetpack-likes-master-iframe.php @@ -1,10 +1,15 @@ <?php +/** + * Jetpack likes iframe. + * + * @package jetpack + */ /** * This function needs to get loaded after the like scripts get added to the page. */ function jetpack_likes_master_iframe() { - $version = gmdate( 'YW' ); + $version = gmdate( 'YW' ); $in_jetpack = ( defined( 'IS_WPCOM' ) && IS_WPCOM ) ? false : true; $_locale = get_locale(); @@ -18,10 +23,10 @@ function jetpack_likes_master_iframe() { require_once JETPACK__GLOTPRESS_LOCALES_PATH; $gp_locale = GP_Locales::by_field( 'wp_locale', $_locale ); - $_locale = isset( $gp_locale->slug ) ? $gp_locale->slug : ''; + $_locale = isset( $gp_locale->slug ) ? $gp_locale->slug : ''; } - $likes_locale = ( '' == $_locale || 'en' == $_locale ) ? '' : '&lang=' . strtolower( $_locale ); + $likes_locale = ( '' === $_locale || 'en' === $_locale ) ? '' : '&lang=' . strtolower( $_locale ); $src = sprintf( 'https://widgets.wp.com/likes/master.html?ver=%1$s#ver=%1$s%2$s', @@ -30,9 +35,9 @@ function jetpack_likes_master_iframe() { ); /* translators: The value of %d is not available at the time of output */ - $likersText = wp_kses( __( '<span>%d</span> bloggers like this:', 'jetpack' ), array( 'span' => array() ) ); + $likers_text = wp_kses( __( '<span>%d</span> bloggers like this:', 'jetpack' ), array( 'span' => array() ) ); ?> - <iframe src='<?php echo $src; ?>' scrolling='no' id='likes-master' name='likes-master' style='display:none;'></iframe> - <div id='likes-other-gravatars'><div class="likes-text"><?php echo $likersText; ?></div><ul class="wpl-avatars sd-like-gravatars"></ul></div> + <iframe src='<?php echo esc_url( $src ); ?>' scrolling='no' id='likes-master' name='likes-master' style='display:none;'></iframe> + <div id='likes-other-gravatars'><div class="likes-text"><?php echo $likers_text; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></div><ul class="wpl-avatars sd-like-gravatars"></ul></div> <?php } |