WordPress.org

Make WordPress Core

Ticket #32246: 32246.diff

File 32246.diff, 1008 bytes (added by brentvr, 4 years ago)

add_query_arg xxs reminder

  • src/wp-includes/functions.php

     
    680680 * value. Additional values provided are expected to be encoded appropriately
    681681 * with urlencode() or rawurlencode().
    682682 *
     683 *    // Both examples will output: http://www.example.com/?key=value
     684 *
     685 *    $param1 = 'key';
     686 *    $param2 = 'value';
     687 *    $param3 = 'http://www.example.com';
     688 *
     689 *    // Parameters as separate arguments
     690 *    add_query_arg( $param1, $param2, $param3 );
     691 *
     692 *    // Parameters as array of key => value pairs
     693 *    add_query_arg( array( $param1 => $param2 ), $param3 ); // Where param1 = 'key'
     694 *
     695 * Reminder: The return value of this function should be escaped on output to
     696 * prevent exposure to XXS vulnerabilities using esc_url() or similar.
     697 *
    683698 * @since 1.5.0
    684699 *
    685700 * @param string|array $param1 Either newkey or an associative_array.