WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/15/2019 12:42:30 AM (7 months ago)
Author:
pento
Message:

Widgets: Remove unnecessary sanitize_text_field() calls in core widget ::form() methods.

This sanitisation only needs to be run in ::update() to correctly clean up the input.

Props welcher, greenshady.
Fixes #42461.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/widgets/class-wp-widget-categories.php

    r43571 r44589  
    161161        //Defaults
    162162        $instance     = wp_parse_args( (array) $instance, array( 'title' => '' ) );
    163         $title        = sanitize_text_field( $instance['title'] );
    164163        $count        = isset( $instance['count'] ) ? (bool) $instance['count'] : false;
    165164        $hierarchical = isset( $instance['hierarchical'] ) ? (bool) $instance['hierarchical'] : false;
     
    167166        ?>
    168167        <p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label>
    169         <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" /></p>
     168        <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $instance['title'] ); ?>" /></p>
    170169
    171170        <p><input type="checkbox" class="checkbox" id="<?php echo $this->get_field_id( 'dropdown' ); ?>" name="<?php echo $this->get_field_name( 'dropdown' ); ?>"<?php checked( $dropdown ); ?> />
Note: See TracChangeset for help on using the changeset viewer.