#18080 closed defect (bug) (invalid)
Custom meta fields content is getting stripped if double quote is used
Reported by: | l3rady | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.2 |
Component: | General | Keywords: | needs-testing |
Focuses: | Cc: |
Description
I've only just noticed this in 3.2 as my code worked fine in 3.1 fine.
add_action('save_post','pd_page_home_save'); function pd_page_home_save() { global $post; $template_file = get_post_meta($post->ID, '_wp_page_template', TRUE); if (isset($_POST['home_photo_wall_details_hidden']) && 'page-template-home.php' == $template_file) { if(empty($_POST['home_pw1'])) {delete_post_meta($post->ID, "home_pw1");} else {update_post_meta($post->ID, "home_pw1", $_POST["home_pw1"]);} if(empty($_POST['home_pw2'])) {delete_post_meta($post->ID, "home_pw2");} else {update_post_meta($post->ID, "home_pw2", $_POST["home_pw2"]);} if(empty($_POST['home_pw3'])) {delete_post_meta($post->ID, "home_pw3");} else {update_post_meta($post->ID, "home_pw3", $_POST["home_pw3"]);} if(empty($_POST['home_pw4'])) {delete_post_meta($post->ID, "home_pw4");} else {update_post_meta($post->ID, "home_pw4", $_POST["home_pw4"]);} if(empty($_POST['home_pw5'])) {delete_post_meta($post->ID, "home_pw5");} else {update_post_meta($post->ID, "home_pw5", $_POST["home_pw5"]);} } }
Have basic meta fields set-up and the above code deals with saving the data.
But since version 3.2 if I enter a double quote anywhere in the custom field and content after it is removed.
So for example if I enter foo"bar
I end up with foo
. If I enter "foo"bar
I end up with a blank field.
Change History (4)
Note: See
TracTickets for help on using
tickets.
needed to use
esc_attr()
on input fields *doh*