WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/15/2019 12:42:30 AM (9 months ago)
Author:
pento
Message:

Widgets: Remove unnecessary sanitize_text_field() calls in core widget ::form() methods.

This sanitisation only needs to be run in ::update() to correctly clean up the input.

Props welcher, greenshady.
Fixes #42461.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/widgets/class-wp-widget-calendar.php

    r42747 r44589  
    9595    public function form( $instance ) {
    9696        $instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
    97         $title    = sanitize_text_field( $instance['title'] );
    9897        ?>
    9998        <p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label>
    100         <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" /></p>
     99        <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $instance['title'] ); ?>" /></p>
    101100        <?php
    102101    }
Note: See TracChangeset for help on using the changeset viewer.