From 4f72da87c93755f7da0c5e73ca26c5b9e091eeb9 Mon Sep 17 00:00:00 2001
From: Daryl Koopersmith <koop@git.wordpress.org>
Date: Fri, 25 May 2012 18:54:57 +0000
Subject: [PATCH] Theme Customizer: Improve hex color sanitization functions.
 fixes #20600, see #19910.

Instead of fetching default header_textcolor manually, return null to do so automatically.
Improve hex regex.


git-svn-id: https://develop.svn.wordpress.org/trunk@20910 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/class-wp-customize-manager.php | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/wp-includes/class-wp-customize-manager.php b/wp-includes/class-wp-customize-manager.php
index 207e442d7d..37dd02fd01 100644
--- a/wp-includes/class-wp-customize-manager.php
+++ b/wp-includes/class-wp-customize-manager.php
@@ -846,10 +846,7 @@ final class WP_Customize_Manager {
 
 // Callback function for sanitizing the header textcolor setting.
 function sanitize_header_textcolor( $color ) {
-	if ( empty( $color ) )
-		return get_theme_support( 'custom-header', 'default-text-color' );
-
-	elseif ( $color == 'blank' )
+	if ( $color == 'blank' )
 		return 'blank';
 
 	return sanitize_hexcolor( $color );
@@ -859,8 +856,9 @@ function sanitize_header_textcolor( $color ) {
 function sanitize_hexcolor( $color ) {
 	$color = preg_replace( '/[^0-9a-fA-F]/', '', $color );
 
-	if ( preg_match('|[A-Fa-f0-9]{3,6}|', $color ) )
+	// 3 or 6 hex digits.
+	if ( preg_match('|^([A-Fa-f0-9]{3}){1,2}$|', $color ) )
 		return $color;
 
-	return $color;
+	return null;
 }