#47645 closed defect (bug) (duplicate)
get_theme_mod sprint_f issue
Reported by: | katielgc | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | major | Version: | 5.2.2 |
Component: | Themes | Keywords: | reporter-feedback |
Focuses: | Cc: |
Description
Hi there,
I have found an issue when using get_theme_mod. If we use a text field in the customizer with a percent % sign within it. it will go through the get_theme_mod function and use the sprintf function within it.
For example, I have 25% off services in the sale field. This is outputted as 25ff services. This is line 922 of wp-includes/theme.php
Change History (7)
#2
@
5 years ago
- Keywords good-first-bug added
@joyously Good point. However, even if theme mods are purely presentational, this might also happen for fields used for something like percentage-based widths. A possible fix, if deemed necessary, is to escape any %
characters before a $default
string is passed to the sprintf()
call in get_theme_mod()
.
#3
follow-up:
↓ 6
@
5 years ago
- Keywords reporter-feedback added; needs-patch good-first-bug removed
#4
@
5 years ago
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
Hi @katielgc, welcome to WordPress Trac!
Thanks for the report, we're already tracking this issue in #34290.
#5
in reply to:
↑ 1
@
5 years ago
Replying to joyously:
Theme options should be presentational, not contain content to display.
Thanks for your comment you can use text fields within the customizer and retrieve using get_theme_mod a user may like to have a % in their site title or if having a global banner sale we should be able to use customizer rather than creating a theme specific page for our clients.
Theme options should be presentational, not contain content to display.