Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#47645 closed defect (bug) (duplicate)

get_theme_mod sprint_f issue

Reported by: katielgc's profile katielgc Owned by:
Milestone: Priority: normal
Severity: major Version: 5.2.2
Component: Themes Keywords: reporter-feedback
Focuses: Cc:

Description

Hi there,

I have found an issue when using get_theme_mod. If we use a text field in the customizer with a percent % sign within it. it will go through the get_theme_mod function and use the sprintf function within it.

For example, I have 25% off services in the sale field. This is outputted as 25ff services. This is line 922 of wp-includes/theme.php

Change History (7)

#1 follow-up: @joyously
5 years ago

Theme options should be presentational, not contain content to display.

#2 @davidbaumwald
5 years ago

  • Keywords good-first-bug added

@joyously Good point. However, even if theme mods are purely presentational, this might also happen for fields used for something like percentage-based widths. A possible fix, if deemed necessary, is to escape any % characters before a $default string is passed to the sprintf() call in get_theme_mod().

Last edited 5 years ago by davidbaumwald (previous) (diff)

#3 follow-up: @dlh
5 years ago

  • Keywords reporter-feedback added; needs-patch good-first-bug removed

Hi @katielgc, and welcome to WordPress Trac!

This issue sounds similar to the one already already being tracked in #34290. Could you take a look at #34290 to see whether it's the same?

#4 @SergeyBiryukov
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @katielgc, welcome to WordPress Trac!

Thanks for the report, we're already tracking this issue in #34290.

#5 in reply to: ↑ 1 @katielgc
5 years ago

Replying to joyously:

Theme options should be presentational, not contain content to display.

Thanks for your comment you can use text fields within the customizer and retrieve using get_theme_mod a user may like to have a % in their site title or if having a global banner sale we should be able to use customizer rather than creating a theme specific page for our clients.

#6 in reply to: ↑ 3 @katielgc
5 years ago

Replying to dlh:

Hi @katielgc, and welcome to WordPress Trac!

This issue sounds similar to the one already already being tracked in #34290. Could you take a look at #34290 to see whether it's the same?

Hi @dlh yes this is the same issue thank you, would a fix to this be released in the next update?

#7 @dlh
5 years ago

#34290 isn't currently scheduled to be fixed in the next release, but that could change if a patch is submitted and tested. If you're interested, feel free to review that ticket and upload a patch!

Note: See TracTickets for help on using tickets.