User meta incorrectly showing current logged-in user

Jesse Graupmann — Wed, 29 Jul 2020 13:04:38 +0000

Replies: 1

As a super admin of a multisite WordPress site, I would like to view the metadata associated with the user I am currently editing.

Example: https://www.example.com/wp-admin/user-edit.php?user_id=123

As of version 1.0.3 & 1.1.2 of this plugin it seems to be pulling meta from the current logged-in user in all cases, instead of the current user being edited.

Is it possible to show user meta for only the currently edited user?

Thanks.

esc_html on $value_array and $valueAr

Jesse Graupmann — Fri, 26 Aug 2016 04:12:16 +0000

Replies: 1

First off, thanks for this plugin. Its great.

Now I just noticed something that may/may not be by design. Essentially when you output the content of meta, you’re not escaping the value. For cases where your meta can contain script tags they will execute on the edit screen.

Consider the following:

foreach ( $value as $name_array => $value_array ) {
    echo $name_array . '  =>  ' . esc_html( $value_array );
    echo var_dump( $value_array );
}

Without the esc_html, the following immediately redirects you to another page. If this was on a server I don’t know a lot of people that would be able to modify and stop the code from executing.

If this is by design, it is what it is. But if you’re not opposed to escaping the output I would highly recommend it.

Thanks!

https://www.ads-software.com/plugins/debug-meta-data/

POGO meaning Tagalog,Jili 22net login.REGISTER NOW GET FREE 888 PESOS REWARDS!

User meta incorrectly showing current logged-in user

esc_html on $value_array and $valueAr