WordPress.org

Make WordPress Core

Opened 17 months ago

Closed 17 months ago

Last modified 17 months ago

#22668 closed feature request (invalid)

Introduce esc_attr() reverted function

Reported by: alexvorn2 Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Formatting Keywords: close
Focuses: Cc:

Description

A function that will decode

< > & " '

to

< > & " '

(less than, greater than, ampersand, double quote, single quote).

Change History (4)

comment:1 follow-up: dd3217 months ago

  • Keywords close added
  • Type changed from defect (bug) to feature request

Sounds like you're after html_entity_decode()

comment:2 nacin17 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

comment:3 in reply to: ↑ 1 alexvorn217 months ago

Replying to dd32:

Sounds like you're after html_entity_decode()

this function does not work for single quote.

If a such function exists - esc_attr() than logically it should also exist a reverted function like capture_attr() or cap_attr() for such task.

function esc_attr():

function esc_attr( $text ) {
	$safe_text = wp_check_invalid_utf8( $text );
	$safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
	return apply_filters( 'attribute_escape', $safe_text, $text );
}

function cap_attr():

function cap_attr( $text ) {
	$safe_text = wp_specialchars_decode( $text, ENT_QUOTES );
	return apply_filters( 'attribute_capture', $safe_text, $text );
}

No?

Version 0, edited 17 months ago by alexvorn2 (next)

comment:4 dd3217 months ago

If a such function exists - esc_attr() then logically it should also exist a reverted function like capture_attr() or cap_attr() for such task.

esc_attr() is designed for escaping data to be used in HTML attributes, There are very rare cases where you should need to convert the data back, If you're saving something using esc_attr() and then later need to convert it back, you're probably doing it wrong, or using the wrong form of sanitization.

this function does not work for single quote.

When used in it's compatibility mode (default) it doesn't, however, like most PHP functions, it has a range of configuration parameters.

echo html_entity_decode( '&lt; &gt; &amp; &quot; &#039;', ENT_QUOTES ); // outputs < > & " '
Note: See TracTickets for help on using tickets.