Opened 10 years ago
Closed 10 years ago
#27216 closed defect (bug) (fixed)
wp_ajax_time_format() and wp_ajax_date_format() need to return unslashed data
Reported by: | GregLone | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.9 | Priority: | normal |
Severity: | normal | Version: | 3.4 |
Component: | Formatting | Keywords: | has-patch needs-testing |
Focuses: | ui | Cc: |
Description
Hello.
wp_ajax_time_format()
and wp_ajax_date_format()
are missing some unslash operation.
How to reproduce:
- Go to "Settings" >> "General" and look for the time format.
- Change the value in the "Custom" field, including some escaped characters. For example, in French we have
G \h i \m\i\n
by default, I change it toH \h i \m\i\n
. - Click outside the field, without submitting the form: an ajax call is made to update the time at the right of the field, with the new format.
- Result: instead of displaying "22 h 34 min", it displays "22 \10 34 \02\34\2".
The problem is the new format sent via ajax: H \h i \m\i\n
becomes H \\h i \\m\\i\\n
.
The solution is to unslash it before passing it through date_i18n()
, like this:
function wp_ajax_date_format() { wp_die( date_i18n( sanitize_option( 'date_format', wp_unslash( $_POST['date'] ) ) ) ); } function wp_ajax_time_format() { wp_die( date_i18n( sanitize_option( 'time_format', wp_unslash( $_POST['date'] ) ) ) ); }
Bye
Attachments (1)
Change History (4)
Note: See
TracTickets for help on using
tickets.
OP's suggested fix