Make WordPress Core


Ignore:
Timestamp:
01/15/2019 12:42:30 AM (6 years ago)
Author:
pento
Message:

Widgets: Remove unnecessary sanitize_text_field() calls in core widget ::form() methods.

This sanitisation only needs to be run in ::update() to correctly clean up the input.

Props welcher, greenshady.
Fixes #42461.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/widgets/class-wp-widget-meta.php

    r43571 r44589  
    114114    public function form( $instance ) {
    115115        $instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
    116         $title    = sanitize_text_field( $instance['title'] );
    117116        ?>
    118             <p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label> <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" /></p>
     117            <p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label> <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $instance['title'] ); ?>" /></p>
    119118        <?php
    120119    }
Note: See TracChangeset for help on using the changeset viewer.