From aa9ef96a52422488c85da830fd65651132f3abe5 Mon Sep 17 00:00:00 2001
From: Weston Ruter
Date: Tue, 23 Feb 2016 01:02:26 +0000
Subject: [PATCH] Customize: Prevent dropping backslashes from input on general settings and settings for nav menus and some widgets.

Ensures that intentional backslashes (e.g. "\o/") can be used in:

* Site title
* Site description
* Nav menu name
* Custom Menu widget title
* Tag Cloud widget title
* Text widget body if can't `unfiltered_html`

The latter three are also fixed on the widgets admin page.

Fixes #35898.

Built from https://develop.svn.wordpress.org/trunk@36622

git-svn-id: http://core.svn.wordpress.org/trunk@36589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/class-wp-customize-setting.php | 1 -
 .../customize/class-wp-customize-nav-menu-setting.php | 4 ++--
 wp-includes/nav-menu.php | 6 ++++++
 wp-includes/version.php | 2 +-
 wp-includes/widgets/class-wp-nav-menu-widget.php | 2 +-
 wp-includes/widgets/class-wp-widget-tag-cloud.php | 2 +-
 wp-includes/widgets/class-wp-widget-text.php | 9 +++++----
 7 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/wp-includes/class-wp-customize-setting.php b/wp-includes/class-wp-customize-setting.php
index 7fe88e8333..4593729886 100644
--- a/wp-includes/class-wp-customize-setting.php
+++ b/wp-includes/class-wp-customize-setting.php
@@ -496,7 +496,6 @@ class WP_Customize_Setting {
 * @return string|array|null Null if an input isn't valid, otherwise the sanitized value.
 */
 public function sanitize( $value ) {
- $value = wp_unslash( $value );
 /**
 * Filter a Customize setting value in un-slashed form.
diff --git a/wp-includes/customize/class-wp-customize-nav-menu-setting.php b/wp-includes/customize/class-wp-customize-nav-menu-setting.php
index 5562a8df52..8d6436c68c 100644
--- a/wp-includes/customize/class-wp-customize-nav-menu-setting.php
+++ b/wp-includes/customize/class-wp-customize-nav-menu-setting.php
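Review bot: With `wp_unslash()` gone from `sanitize()`, the value reaching the filter applied below is un-slashed only if the caller already un-slashed it, yet the docblock line that survives in the hunk still promises a value "in un-slashed form"; the contract has moved to the caller without being written down. Suggest stating it on the method, e.g. `@param string|array $value The value to sanitize; callers pass it already un-slashed.`, so a new call site that hands over raw request data (which would now keep its added backslashes) is caught in review. The method's `@param` line and the rest of its body lie outside the hunk.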
@@ -513,14 +513,14 @@ class WP_Customize_Nav_Menu_Setting extends WP_Customize_Setting {
 $menu_data['menu-name'] = $value['name'];
 $menu_id = $is_placeholder ? 0 : $this->term_id;
- $r = wp_update_nav_menu_object( $menu_id, $menu_data );
+ $r = wp_update_nav_menu_object( $menu_id, wp_slash( $menu_data ) );
 $original_name = $menu_data['menu-name'];
 $name_conflict_suffix = 1;
 while ( is_wp_error( $r ) && 'menu_exists' === $r->get_error_code() ) {
 $name_conflict_suffix += 1;
 /* translators: 1: original menu name, 2: duplicate count */
 $menu_data['menu-name'] = sprintf( __( '%1$s (%2$d)' ), $original_name, $name_conflict_suffix );
- $r = wp_update_nav_menu_object( $menu_id, $menu_data );
+ $r = wp_update_nav_menu_object( $menu_id, wp_slash( $menu_data ) );
 }
 if ( is_wp_error( $r ) ) {
diff --git a/wp-includes/nav-menu.php b/wp-includes/nav-menu.php
index 3b878f762b..9627d27edb 100644
--- a/wp-includes/nav-menu.php
+++ b/wp-includes/nav-menu.php
@@ -196,12 +196,15 @@ function is_nav_menu_item( $menu_item_id = 0 ) {
 /**
 * Creates a navigation menu.
 *
+ * Note that $menu_name is expected to be pre-slashed.
+ *
 * @since 3.0.0
 *
 * @param string $menu_name Menu name.
 * @return int|WP_Error Menu ID on success, WP_Error object on failure.
 */
 function wp_create_nav_menu( $menu_name ) {
+ // expected_slashed ($menu_name)
 return wp_update_nav_menu_object( 0, array( 'menu-name' => $menu_name ) );
 }
@@ -252,6 +255,8 @@ function wp_delete_nav_menu( $menu ) {
 /**
 * Save the properties of a menu or create a new menu with those properties.
 *
+ * Note that $menu_data is expected to be pre-slashed.
+ *
 * @since 3.0.0
 *
 * @param int $menu_id The ID of the menu or "0" to create a new menu.
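Review bot: `wp_slash( $menu_data )` is now applied at both `wp_update_nav_menu_object()` call sites without a word on why, while the `$menu_data['menu-name']` rebuilt in the retry loop is still handled un-slashed, so a reader may later "fix" one call site without the other. A one-line comment before the first call, `// wp_update_nav_menu_object() expects slashed input; $menu_data is kept un-slashed locally.`, records the contract this same commit documents in nav-menu.php. Slashing once into a local would also remove the duplication, but the per-iteration rename makes the current form defensible. The enclosing method begins and ends outside the hunk.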
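Review bot: The slashing expectation is added as a free-standing sentence while the `@param string $menu_name Menu name.` line, which is what a reader or tool consults first, still says nothing about it; the same applies to `$menu_data` in the `@@ -252,6 +255,8 @@` hunk and the comment-only `@@ -259,6 +264,7 @@` hunk that follows. Suggest folding it into the tag, e.g. `@param string $menu_name Menu name, expected slashed.`, and likewise for `$menu_data` (its `@param` line lies outside the visible hunk). The `// expected_slashed (...)` markers in the bodies are useful as a grep target but do not replace the tag.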
@@ -259,6 +264,7 @@ function wp_delete_nav_menu( $menu ) {
 * @return int|WP_Error Menu ID on success, WP_Error object on failure.
 */
 function wp_update_nav_menu_object( $menu_id = 0, $menu_data = array() ) {
+ // expected_slashed ($menu_data)
 $menu_id = (int) $menu_id;
 $_menu = wp_get_nav_menu_object( $menu_id );
diff --git a/wp-includes/version.php b/wp-includes/version.php
index d580cfb37a..dc2f81e0f4 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.5-alpha-36621';
+$wp_version = '4.5-alpha-36622';
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-includes/widgets/class-wp-nav-menu-widget.php b/wp-includes/widgets/class-wp-nav-menu-widget.php
index 22ec861076..d6ac26c948 100644
--- a/wp-includes/widgets/class-wp-nav-menu-widget.php
+++ b/wp-includes/widgets/class-wp-nav-menu-widget.php
@@ -92,7 +92,7 @@ public function update( $new_instance, $old_instance ) {
 $instance = array();
 if ( ! empty( $new_instance['title'] ) ) {
- $instance['title'] = sanitize_text_field( stripslashes( $new_instance['title'] ) );
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
 }
 if ( ! empty( $new_instance['nav_menu'] ) ) {
 $instance['nav_menu'] = (int) $new_instance['nav_menu'];
diff --git a/wp-includes/widgets/class-wp-widget-tag-cloud.php b/wp-includes/widgets/class-wp-widget-tag-cloud.php
index 99f7af6ea1..4115c79387 100644
--- a/wp-includes/widgets/class-wp-widget-tag-cloud.php
+++ b/wp-includes/widgets/class-wp-widget-tag-cloud.php
@@ -98,7 +98,7 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
 */
 public function update( $new_instance, $old_instance ) {
 $instance = array();
- $instance['title'] = sanitize_text_field( stripslashes( $new_instance['title'] ) );
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
 $instance['taxonomy'] = stripslashes($new_instance['taxonomy']);
 return $instance;
 }
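Review bot: Dropping `stripslashes()` around `$new_instance['title']` is correct only if every caller of `update()` now supplies un-slashed data; nothing in this patch touches the widgets admin path, so that code must already un-slash the posted settings before calling `update()` — worth confirming, since a caller that still passes slashed input would now store doubled backslashes. The same assumption underlies the Tag Cloud (`@@ -98,7 +98,7 @@`) and Text (`@@ -80,10 +80,11 @@`) widget hunks. Recording it on the method, `@param array $new_instance New settings for this instance, un-slashed.`, keeps the contract visible; that docblock is outside the hunk.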
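Review bot: The `title` line stops un-slashing, but the context line directly below it, `$instance['taxonomy'] = stripslashes($new_instance['taxonomy']);`, still does so on the same `$new_instance`, so the two fields now assume different input conventions. For consistency it should become `$instance['taxonomy'] = $new_instance['taxonomy'];`; since the value presumably names a taxonomy, checking it against the registered taxonomies would be the stronger safeguard, but that is beyond this commit. `update()` is complete within the hunk.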
diff --git a/wp-includes/widgets/class-wp-widget-text.php b/wp-includes/widgets/class-wp-widget-text.php
index 96cf642908..5a1a056a54 100644
--- a/wp-includes/widgets/class-wp-widget-text.php
+++ b/wp-includes/widgets/class-wp-widget-text.php
@@ -80,10 +80,11 @@ class WP_Widget_Text extends WP_Widget {
 public function update( $new_instance, $old_instance ) {
 $instance = $old_instance;
 $instance['title'] = sanitize_text_field( $new_instance['title'] );
- if ( current_user_can('unfiltered_html') )
- $instance['text'] = $new_instance['text'];
- else
- $instance['text'] = wp_kses_post( stripslashes( $new_instance['text'] ) );
+ if ( current_user_can( 'unfiltered_html' ) ) {
+ $instance['text'] = $new_instance['text'];
+ } else {
+ $instance['text'] = wp_kses_post( $new_instance['text'] );
+ }
 $instance['filter'] = ! empty( $new_instance['filter'] );
 return $instance;
 }
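Review bot: The new `if`/`else` stores `$new_instance['text']` verbatim for users with `unfiltered_html` and routes everyone else through `wp_kses_post()`, but nothing says why the branches differ or that the input is now expected un-slashed, which is the whole point of the change. A comment above the `if`, `// Only unfiltered_html users may store arbitrary markup; others get wp_kses_post(). $new_instance arrives un-slashed.`, would keep a later edit from re-adding stripslashes(). Reading `$new_instance['text']` without `isset()` is unchanged from before and raises a notice on a missing key; guarding it with `isset( $new_instance['text'] ) ? $new_instance['text'] : ''` is optional. The method is complete within the hunk.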