WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 5 years ago

Last modified 5 years ago

#11722 closed defect (bug) (fixed)

body_class() creates an invalid class when page template contains a . [full stop]

Reported by: willmot Owned by:
Milestone: 3.0 Priority: low
Severity: minor Version: 3.0
Component: Template Keywords: has-patch
Focuses: Cc:

Description

Confirmed on Trunk and 2.9.1

Steps to reproduce

  1. Create a new file called template.contact.php that contains the template code:
/*
Template Name: Contact
*/

Create a page through the WordPress admin and select the template.

View the newly created page, view source and notice that body has a class of "page-template-template.contact-php".

Weep in the knowledge that you cannot use css to target that class.

Expected result

Full stops should be converted to a hyphen.

Attachments (2)

post-template.diff (687 bytes) - added by willmot 6 years ago.
sanitize_html_class for page templates
post-template.2.diff (712 bytes) - added by willmot 6 years ago.
str_replace full stops for hyphens before calling sanitize_html_class

Download all attachments as: .zip

Change History (8)

@willmot6 years ago

sanitize_html_class for page templates

comment:1 @willmot6 years ago

  • Summary changed from body_class() creates an invalid class when page template contains a . [dot] to body_class() creates an invalid class when page template contains a . [full stop]

The full stop in the file extension is properly escaped.

This happens in line 440 of wp-includes/post-template.php

$classes[] = 'page-template-' . str_replace( '.php', '-php', get_post_meta( $pageID, '_wp_page_template', true ) );

Attached patch simple removes the str_replace and uses the sanitize_html_class function instead.

There could be a somewhat minor backwards compat issue as sanitize_html_class simple removes invalid characters instead replacing them with a hyphen which means that the file extension is sanitized to "php" instead of "-php".

Also I pass an empty fallback to sanitize_html_class, is there something better we could show in the unlikely event that someone has a filename that contains only invalid characters. Perhaps just the string "invalid-filename" or something.

comment:2 @willmot6 years ago

  • Keywords has-patch added

comment:3 @willmot6 years ago

  • Keywords body_class removed

@willmot6 years ago

str_replace full stops for hyphens before calling sanitize_html_class

comment:4 @willmot6 years ago

post-template.2.diff

This patch would be safer for backwards compatibility and is also prettier for my specific case as the template.contact.php becomes template-contact-php instead of templatecontactphp.

It would be nice if sanitize_html_class replaced some characters with hyphens and removed others, perhaps by pushing the string through sanitize_title first?

comment:5 @automattor5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12664]) Sanitize page template class. Props willmot. fixes #11722

comment:6 @ryan5 years ago

sanitize_title() is pretty heavyweight. We can consider improving sanitize_html_class() in another ticket.

Note: See TracTickets for help on using tickets.