From 654590da152513c30b597bf34448b10eea2535b5 Mon Sep 17 00:00:00 2001
From: magepeopleteam <magepeopleteam@b8457f37-d9ea-0310-8a92-e5e31aec5664>
Date: Sat, 30 Oct 2021 03:39:27 +0000
Subject: [PATCH] added esc_attr

---
 inc/mep_event_meta.php                    |  8 ++--
 inc/mep_extra_price.php                   | 22 ++++-----
 inc/mep_functions.php                     | 54 +++++++++++------------
 inc/mep_user_custom_style.php             | 18 ++++----
 lib/classes/class-form-fields-wrapper.php | 44 +++++++++---------
 lib/classes/class-meta-box.php            |  4 +-
 lib/classes/class-taxonomy-edit.php       |  2 +-
 7 files changed, 76 insertions(+), 76 deletions(-)

diff --git a/inc/mep_event_meta.php b/inc/mep_event_meta.php
index 340a405..5d37d9d 100644
--- a/inc/mep_event_meta.php
+++ b/inc/mep_event_meta.php
@@ -1292,7 +1292,7 @@ function mep_event_meta_save($post_id)
 		$mdate           = [];
 
 		if (isset($_POST['post_author_gutenberg'])) {
-			$wpdb->get_results("UPDATE " . $table_name . " SET post_author=" . $_POST['post_author_gutenberg'] . " WHERE ID=" . $pid);
+			$wpdb->get_results("UPDATE " . $table_name . " SET post_author=" . mage_array_strip($_POST['post_author_gutenberg']) . " WHERE ID=" . $pid);
 		}
 
 		$mcount = count($more_start_date);
@@ -1422,19 +1422,19 @@ function mep_event_meta_save($post_id)
 		update_post_meta($pid, '_sku', $sku);
 		update_post_meta($pid, 'mep_member_only_user_role', $mep_member_only_user_role);
 
-		if (isset($_POST['mep_event_type']) && strip_tags($_POST['mep_event_type'])) {
+		if (isset($_POST['mep_event_type']) && mage_array_strip($_POST['mep_event_type'])) {
 			$mep_event_type = 'online';
 		} else {
 			$mep_event_type = 'offline';
 		}
-		if (isset($_POST['mep_member_only_event']) && strip_tags($_POST['mep_member_only_event'])) {
+		if (isset($_POST['mep_member_only_event']) && mage_array_strip($_POST['mep_member_only_event'])) {
 			$mep_event_member_type = 'member_only';
 		} else {
 			$mep_event_member_type = 'for_all';
 		}
 		update_post_meta($pid, 'mep_member_only_event', $mep_event_member_type);
 		update_post_meta($pid, 'mep_event_type', $mep_event_type);
-		$mp_event_virtual_type_des = isset($_POST['mp_event_virtual_type_des']) ? htmlspecialchars($_POST['mp_event_virtual_type_des'])  : "";
+		$mp_event_virtual_type_des = isset($_POST['mp_event_virtual_type_des']) ? htmlspecialchars(mage_array_strip($_POST['mp_event_virtual_type_des']))  : "";
 		update_post_meta($pid, 'mp_event_virtual_type_des', $mp_event_virtual_type_des);
 
 
diff --git a/inc/mep_extra_price.php b/inc/mep_extra_price.php
index b339d31..69220db 100644
--- a/inc/mep_extra_price.php
+++ b/inc/mep_extra_price.php
@@ -147,8 +147,8 @@ function mep_display_custom_fields_text_cart($item_data, $cart_item)
         foreach ($ticket_type_arr as $_event_recurring_date) {
           if ($hide_date_status == 'no') {
 ?>
-            <li><?php echo $event_label;
-                _e(" Date", 'mage-eventpress'); ?>: <?php echo get_mep_datetime($_event_recurring_date['event_date'], 'date-time-text'); ?></li>
+            <li><?php echo esc_attr($event_label);
+                _e(" Date", 'mage-eventpress'); ?>: <?php echo esc_attr(get_mep_datetime($_event_recurring_date['event_date'], 'date-time-text')); ?></li>
           <?php
           }
         }
@@ -165,8 +165,8 @@ function mep_display_custom_fields_text_cart($item_data, $cart_item)
         foreach ($ticket_type_arr as $_event_recurring_date) {
           if ($hide_date_status == 'no') {
           ?>
-            <li><?php echo $event_label;
-                _e(" Date", 'mage-eventpress'); ?>: <?php echo get_mep_datetime($_event_recurring_date['event_date'], 'date-time-text'); ?></li>
+            <li><?php echo esc_attr($event_label);
+                _e(" Date", 'mage-eventpress'); ?>: <?php echo esc_attr(get_mep_datetime($_event_recurring_date['event_date'], 'date-time-text')); ?></li>
           <?php
           }
         }
@@ -184,8 +184,8 @@ function mep_display_custom_fields_text_cart($item_data, $cart_item)
         foreach ($ticket_type_arr as $_event_recurring_date) {
           if ($hide_date_status == 'no') {
           ?>
-            <li><?php echo $event_label;
-                _e(" Date", 'mage-eventpress'); ?>: <?php echo get_mep_datetime($_event_recurring_date['event_date'], 'date-text'); ?></li>
+            <li><?php echo esc_attr($event_label);
+                _e(" Date", 'mage-eventpress'); ?>: <?php echo esc_attr(get_mep_datetime($_event_recurring_date['event_date'], 'date-text')); ?></li>
           <?php
           }
         }
@@ -204,16 +204,16 @@ function mep_display_custom_fields_text_cart($item_data, $cart_item)
       } else {
         if ($hide_date_status == 'no') {
           ?>
-          <li><?php echo $event_label;
-              _e(" Date", 'mage-eventpress'); ?>: <?php echo get_mep_datetime($cart_item['event_cart_display_date'], 'date-time-text'); ?></li>
+          <li><?php echo esc_attr($event_label);
+              _e(" Date", 'mage-eventpress'); ?>: <?php echo esc_attr(get_mep_datetime($cart_item['event_cart_display_date'], 'date-time-text')); ?></li>
       <?php
         }
       }
     }
     if ($hide_location_status == 'no') {
       ?>
-      <li><?php echo $event_label;
-          _e(" Location", 'mage-eventpress'); ?>: <?php echo $cart_item['event_cart_location']; ?></li>
+      <li><?php echo esc_attr($event_label);
+          _e(" Location", 'mage-eventpress'); ?>: <?php echo esc_attr($cart_item['event_cart_location']); ?></li>
 <?php
     }
     if (is_array($ticket_type_arr) && sizeof($ticket_type_arr) > 0) {
@@ -221,7 +221,7 @@ function mep_display_custom_fields_text_cart($item_data, $cart_item)
     }
     if (is_array($event_extra_service) && sizeof($event_extra_service) > 0) {
       foreach ($event_extra_service as $extra_service) {
-        echo '<li>' . $extra_service['service_name'] . " - " . wc_price(mep_get_price_including_tax($eid, $extra_service['service_price'])) . ' x ' . $extra_service['service_qty'] . ' = ' . wc_price(mep_get_price_including_tax($eid, (float) $extra_service['service_price'] * (float) $extra_service['service_qty'])) . '</li>';
+        echo '<li>' . esc_attr($extra_service['service_name']) . " - " . wc_price(esc_attr(mep_get_price_including_tax($eid, $extra_service['service_price']))) . ' x ' . esc_attr($extra_service['service_qty']) . ' = ' . wc_price(esc_attr(mep_get_price_including_tax($eid, (float) $extra_service['service_price'] * (float) $extra_service['service_qty']))) . '</li>';
       }
     }
     do_action('mep_after_cart_item_display_list', $cart_item);
diff --git a/inc/mep_functions.php b/inc/mep_functions.php
index 046601d..1bd2f2f 100755
--- a/inc/mep_functions.php
+++ b/inc/mep_functions.php
@@ -3144,55 +3144,55 @@ if (!function_exists('mep_cart_display_user_list')) {
             ?>
             <ul>
                 <?php if ($userinf['user_name']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Name') . ": ";
-                        echo $userinf['user_name']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Name')) . ": ";
+                        echo esc_attr($userinf['user_name']); ?></li> <?php } ?>
                 <?php if ($userinf['user_email']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Email') . ": ";
-                        echo $userinf['user_email']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Email')) . ": ";
+                        echo esc_attr($userinf['user_email']); ?></li> <?php } ?>
                 <?php if ($userinf['user_phone']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Phone') . ": ";
-                        echo $userinf['user_phone']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Phone')) . ": ";
+                        echo esc_attr($userinf['user_phone']); ?></li> <?php } ?>
                 <?php if ($userinf['user_address']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Address') . ": ";
-                        echo $userinf['user_address']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Address')) . ": ";
+                        echo esc_attr($userinf['user_address']); ?></li> <?php } ?>
                 <?php if ($userinf['user_gender']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Gender') . ": ";
-                        echo $userinf['user_gender']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Gender')) . ": ";
+                        echo esc_attr($userinf['user_gender']); ?></li> <?php } ?>
                 <?php if ($userinf['user_tshirtsize']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'T-Shirt Size') . ": ";
-                        echo $userinf['user_tshirtsize']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'T-Shirt Size')) . ": ";
+                        echo esc_attr($userinf['user_tshirtsize']); ?></li> <?php } ?>
                 <?php if ($userinf['user_company']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Company') . ": ";
-                        echo $userinf['user_company']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Company')) . ": ";
+                        echo esc_attr($userinf['user_company']); ?></li> <?php } ?>
                 <?php if ($userinf['user_designation']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Designation') . ": ";
-                        echo $userinf['user_designation']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Designation')) . ": ";
+                        echo esc_attr($userinf['user_designation']); ?></li> <?php } ?>
                 <?php if ($userinf['user_website']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Website') . ": ";
-                        echo $userinf['user_website']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Website')) . ": ";
+                        echo esc_attr($userinf['user_website']); ?></li> <?php } ?>
                 <?php if ($userinf['user_vegetarian']) { ?>
-                    <li><?php echo mep_get_reg_label($event_id, 'Vegetarian') . ": ";
-                        echo $userinf['user_vegetarian']; ?></li> <?php } ?>
+                    <li><?php echo esc_attr(mep_get_reg_label($event_id, 'Vegetarian')) . ": ";
+                        echo esc_attr($userinf['user_vegetarian']); ?></li> <?php } ?>
                 <?php if (sizeof($custom_forms_id) > 0) {
                     foreach ($custom_forms_id as $key => $value) {
                         ?>
                         <li><?php _e($key, 'mage-eventpress');
-                            echo ": " . $userinf[$value]; ?></li>
+                            echo ": " . esc_attr($userinf[$value]); ?></li>
                         <?php
                     }
                 } ?>
                 <?php if ($userinf['user_ticket_type']) { ?>
                     <li><?php _e('Ticket Type', 'mage-eventpress');
-                        echo ": " . $userinf['user_ticket_type']; ?></li> <?php } ?>
+                        echo ": " . esc_attr($userinf['user_ticket_type']); ?></li> <?php } ?>
 
                 <?php if ($recurring == 'everyday' && $time_status == 'no') { ?>
-                    <li><?php echo $event_label;
+                    <li><?php echo esc_attr($event_label);
                         _e(' Date', 'mage-eventpress');
-                        echo ": "; ?><?php echo get_mep_datetime($userinf['user_event_date'], 'date-text'); ?></li>
+                        echo ": "; ?><?php echo esc_attr(get_mep_datetime($userinf['user_event_date'], 'date-text')); ?></li>
                 <?php } else { ?>
-                    <li><?php echo $event_label;
+                    <li><?php echo esc_attr($event_label);
                         _e(' Date', 'mage-eventpress');
-                        echo ": "; ?><?php echo get_mep_datetime($userinf['user_event_date'], 'date-time-text'); ?></li>
+                        echo ": "; ?><?php echo esc_attr(get_mep_datetime($userinf['user_event_date'], 'date-time-text')); ?></li>
                 <?php } ?>
             </ul>
             <?php
@@ -3206,7 +3206,7 @@ if (!function_exists('mep_cart_display_ticket_type_list')) {
     function mep_cart_display_ticket_type_list($ticket_type_arr, $eid) {
         ob_start();
         foreach ($ticket_type_arr as $ticket) {
-            echo '<li>' . $ticket['ticket_name'] . " - " . wc_price(mep_get_price_including_tax($eid, $ticket['ticket_price'])) . ' x ' . $ticket['ticket_qty'] . ' = ' . wc_price(mep_get_price_including_tax($eid, (float)$ticket['ticket_price'] * (float)$ticket['ticket_qty'])) . '</li>';
+            echo '<li>' . esc_attr($ticket['ticket_name']) . " - " . wc_price(esc_attr(mep_get_price_including_tax($eid, $ticket['ticket_price']))) . ' x ' . esc_attr($ticket['ticket_qty']) . ' = ' . wc_price(esc_attr(mep_get_price_including_tax($eid, (float)$ticket['ticket_price'] * (float)$ticket['ticket_qty']))) . '</li>';
         }
         return apply_filters('mep_display_ticket_in_cart_list', ob_get_clean(), $ticket_type_arr, $eid);
     }
diff --git a/inc/mep_user_custom_style.php b/inc/mep_user_custom_style.php
index 20444d5..9ddef96 100644
--- a/inc/mep_user_custom_style.php
+++ b/inc/mep_user_custom_style.php
@@ -6,16 +6,16 @@ if (!defined('ABSPATH')) {
 add_action('wp_head', 'mep_user_custom_styles', 10, 999);
 function mep_user_custom_styles()
 {
-    $base_color = mep_get_option('mep_base_color', 'style_setting_sec', '#ffbe30');
-    $label_bg_color = mep_get_option('mep_title_bg_color', 'style_setting_sec', '#ffbe30');
-    $label_text_color = mep_get_option('mep_title_text_color', 'style_setting_sec', '#ffffff');
-    $cart_btn_bg_color = mep_get_option('mep_cart_btn_bg_color', 'style_setting_sec', '#ffbe30');
-    $cart_btn_txt_color = mep_get_option('mep_cart_btn_text_color', 'style_setting_sec', '#ffffff');
+    $base_color             = esc_attr(mep_get_option('mep_base_color', 'style_setting_sec', '#ffbe30'));
+    $label_bg_color         = esc_attr(mep_get_option('mep_title_bg_color', 'style_setting_sec', '#ffbe30'));
+    $label_text_color       = esc_attr(mep_get_option('mep_title_text_color', 'style_setting_sec', '#ffffff'));
+    $cart_btn_bg_color      = esc_attr(mep_get_option('mep_cart_btn_bg_color', 'style_setting_sec', '#ffbe30'));
+    $cart_btn_txt_color     = esc_attr(mep_get_option('mep_cart_btn_text_color', 'style_setting_sec', '#ffffff'));
 
-    $calender_btn_bg_color = mep_get_option('mep_calender_btn_bg_color', 'style_setting_sec', '#ffbe30');
-    $calender_btn_txt_color = mep_get_option('mep_calender_btn_text_color', 'style_setting_sec', '#ffffff');
-    $faq_label_bg_color = mep_get_option('mep_faq_title_bg_color', 'style_setting_sec', '#ffbe30');
-    $faq_label_text_color = mep_get_option('mep_faq_title_text_color', 'style_setting_sec', '#ffffff');
+    $calender_btn_bg_color  = esc_attr(mep_get_option('mep_calender_btn_bg_color', 'style_setting_sec', '#ffbe30'));
+    $calender_btn_txt_color = esc_attr(mep_get_option('mep_calender_btn_text_color', 'style_setting_sec', '#ffffff'));
+    $faq_label_bg_color     = esc_attr(mep_get_option('mep_faq_title_bg_color', 'style_setting_sec', '#ffbe30'));
+    $faq_label_text_color   = esc_attr(mep_get_option('mep_faq_title_text_color', 'style_setting_sec', '#ffffff'));
 
     ?>
     <style>
diff --git a/lib/classes/class-form-fields-wrapper.php b/lib/classes/class-form-fields-wrapper.php
index c18fcb9..594bd6e 100755
--- a/lib/classes/class-form-fields-wrapper.php
+++ b/lib/classes/class-form-fields-wrapper.php
@@ -487,18 +487,18 @@ if( ! class_exists( 'FormFieldsGenerator' ) ) {
             if(!empty($args)):
                 ?>
 
-                <div <?php if(!empty($depends)) {?> data-depends="[<?php echo $depends; ?>]" <?php } ?>
-                        id="field-wrapper-<?php echo $id; ?>" class="<?php if(!empty($depends)) echo 'dependency-field'; ?> field-wrapper field-google-map-wrapper
-                field-google-map-wrapper-<?php echo $id; ?>">
+                <div <?php if(!empty($depends)) {?> data-depends="[<?php echo esc_attr($depends); ?>]" <?php } ?>
+                        id="field-wrapper-<?php echo esc_attr($id); ?>" class="<?php if(!empty($depends)) echo 'dependency-field'; ?> field-wrapper field-google-map-wrapper
+                field-google-map-wrapper-<?php echo esc_attr($id); ?>">
                     <div class="item-list">
                         <?php
                         foreach ($args as $index=>$name):
                             ?>
                             <div class="item">
                                 <span class="field-title"><?php echo $name; ?></span>
-                                <span class="input-wrapper"><input type='text' name='<?php echo $field_name;?>[<?php
-                                    echo $index; ?>]' value='<?php
-                                    echo $values[$index]; ?>' /></span>
+                                <span class="input-wrapper"><input type='text' name='<?php echo esc_attr($field_name);?>[<?php
+                                    echo esc_attr($index); ?>]' value='<?php
+                                    echo esc_attr($values[$index]); ?>' /></span>
                             </div>
                         <?php
                         endforeach;
@@ -507,29 +507,29 @@ if( ! class_exists( 'FormFieldsGenerator' ) ) {
                 </div>
                 <script>
                     <?php if(!empty($depends)) {?>
-                    jQuery('#field-wrapper-<?php echo $id; ?>').formFieldDependency({});
+                    jQuery('#field-wrapper-<?php echo esc_attr($id); ?>').formFieldDependency({});
                     <?php } ?>
                 </script>
                 <?php
                 if($preview):
                     ?>
-                    <div id="map-<?php echo $field_id; ?>"></div>
+                    <div id="map-<?php echo esc_attr($field_id); ?>"></div>
                     <script>
                         function initMap() {
-                            var myLatLng = {lat: <?php echo $lat; ?>, lng: <?php echo $lng; ?>};
-                            var map = new google.maps.Map(document.getElementById('map-<?php echo $field_id; ?>'), {
-                                zoom: <?php echo $zoom; ?>,
+                            var myLatLng = {lat: <?php echo esc_attr($lat); ?>, lng: <?php echo esc_attr($lng); ?>};
+                            var map = new google.maps.Map(document.getElementById('map-<?php echo esc_attr($field_id); ?>'), {
+                                zoom: <?php echo esc_attr($zoom); ?>,
                                 center: myLatLng
                             });
                             var marker = new google.maps.Marker({
                                 position: myLatLng,
                                 map: map,
-                                title: '<?php echo $title; ?>'
+                                title: '<?php echo esc_attr($title); ?>'
                             });
                         }
                     </script>
                     <script async defer
-                            src="https://maps.googleapis.com/maps/api/js?key=<?php echo $apikey; ?>&callback=initMap">
+                            src="https://maps.googleapis.com/maps/api/js?key=<?php echo esc_attr($apikey); ?>&callback=initMap">
                     </script>
                     <?php
                 endif;
@@ -645,14 +645,14 @@ if( ! class_exists( 'FormFieldsGenerator' ) ) {
 
             ob_start();
             ?>
-            <div <?php if(!empty($depends)) {?> data-depends="[<?php echo $depends; ?>]" <?php } ?>
-                    id="field-wrapper-<?php echo $id; ?>" class="<?php if(!empty($depends)) echo 'dependency-field'; ?> field-wrapper field-border-wrapper
-            field-border-wrapper-<?php echo $id; ?>">
+            <div <?php if(!empty($depends)) {?> data-depends="[<?php echo esc_attr($depends); ?>]" <?php } ?>
+                    id="field-wrapper-<?php echo esc_attr($id); ?>" class="<?php if(!empty($depends)) echo 'dependency-field'; ?> field-wrapper field-border-wrapper
+            field-border-wrapper-<?php echo esc_attr($id); ?>">
                 <div class="item-list">
                         <div class="item">
                             <span class="field-title">Width</span>
-                            <span class="input-wrapper"><input type='number' name='<?php echo $field_name;?>[width]' value='<?php
-                                echo $width; ?>' /></span>
+                            <span class="input-wrapper"><input type='number' name='<?php echo esc_attr($field_name);?>[width]' value='<?php
+                                echo esc_attr($width); ?>' /></span>
                             <select name="<?php echo $field_name;?>[unit]">
                                 <option <?php if($unit == 'px') echo 'selected'; ?> value="px">px</option>
                                 <option <?php if($unit == '%') echo 'selected'; ?> value="%">%</option>
@@ -681,19 +681,19 @@ if( ! class_exists( 'FormFieldsGenerator' ) ) {
                         </div>
                     <div class="item">
                         <span class="field-title">Color</span>
-                        <span class="input-wrapper"><input class="colorpicker" type='text' name='<?php echo $field_name;
-                        ?>[color]' value='<?php echo $color; ?>' /></span>
+                        <span class="input-wrapper"><input class="colorpicker" type='text' name='<?php echo esc_attr($field_name);
+                        ?>[color]' value='<?php echo esc_attr($color); ?>' /></span>
                     </div>
                 </div>
             </div>
             <script>
                 <?php if(!empty($depends)) {?>
-                jQuery('#field-wrapper-<?php echo $id; ?>').formFieldDependency({});
+                jQuery('#field-wrapper-<?php echo esc_attr($id); ?>').formFieldDependency({});
                 <?php } ?>
             </script>
             <script>
                 jQuery(document).ready(function($) {
-                    $('.field-border-wrapper-<?php echo $id; ?> .colorpicker').wpColorPicker();
+                    $('.field-border-wrapper-<?php echo esc_attr($id); ?> .colorpicker').wpColorPicker();
                 });
             </script>
             <?php
diff --git a/lib/classes/class-meta-box.php b/lib/classes/class-meta-box.php
index db25267..369e0af 100755
--- a/lib/classes/class-meta-box.php
+++ b/lib/classes/class-meta-box.php
@@ -44,7 +44,7 @@ if ( ! class_exists( 'AddMetaBox' ) ) {
 			$post_id         = $this->get_post_id();
 
 			if ( ! empty( $get_option_name ) ):
-				$option_value = serialize( stripslashes_deep($_POST[ $get_option_name ]) );
+				$option_value = serialize( stripslashes_deep(mage_array_strip($_POST[ $get_option_name ])) );
 
 				update_post_meta( $post_id, $get_option_name, $option_value );
 
@@ -55,7 +55,7 @@ if ( ! class_exists( 'AddMetaBox' ) ) {
 					foreach ( $panel['sections'] as $sectionIndex => $section ):
 						foreach ( $section['options'] as $option ):
 
-							$option_value = isset( $_POST[ $option['id'] ] ) ? stripslashes_deep($_POST[ $option['id'] ]) : '';
+							$option_value = isset( $_POST[ $option['id'] ] ) ? stripslashes_deep(mage_array_strip($_POST[ $option['id'] ])) : '';
 
 							if ( is_array( $option_value ) ) {
 								$option_value = serialize( $option_value );
diff --git a/lib/classes/class-taxonomy-edit.php b/lib/classes/class-taxonomy-edit.php
index 97b99c3..78af651 100755
--- a/lib/classes/class-taxonomy-edit.php
+++ b/lib/classes/class-taxonomy-edit.php
@@ -33,7 +33,7 @@ if( ! class_exists( 'TaxonomyEdit' ) ) {
 
 
 
-                            $option_value = isset($_POST[$option['id']]) ? $_POST[$option['id']] : '';
+                            $option_value = isset($_POST[$option['id']]) ? mage_array_strip($_POST[$option['id']]) : '';
 
                             if(is_array($option_value)){
                                 $option_value = serialize($option_value);