From e121a5e03de9555679074cdd6b6bafd8d46e3149 Mon Sep 17 00:00:00 2001
From: Gary Pendergast
Date: Tue, 15 Jan 2019 00:42:30 +0000
Subject: [PATCH] Widgets: Remove unnecessary `sanitize_text_field()` calls in
core widget `::form()` methods.
This sanitisation only needs to be run in `::update()` to correctly clean up the input.
Props welcher, greenshady.
Fixes #42461.
git-svn-id: https://develop.svn.wordpress.org/trunk@44589 602fd350-edb4-49c9-b593-d223f7449a82
---
src/wp-includes/widgets/class-wp-widget-archives.php | 3 +--
src/wp-includes/widgets/class-wp-widget-calendar.php | 3 +--
src/wp-includes/widgets/class-wp-widget-categories.php | 3 +--
src/wp-includes/widgets/class-wp-widget-meta.php | 3 +--
4 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/src/wp-includes/widgets/class-wp-widget-archives.php b/src/wp-includes/widgets/class-wp-widget-archives.php
index 4d0581ade6..ab6e0d9ab2 100644
--- a/src/wp-includes/widgets/class-wp-widget-archives.php
+++ b/src/wp-includes/widgets/class-wp-widget-archives.php
@@ -179,9 +179,8 @@ class WP_Widget_Archives extends WP_Widget {
'dropdown' => '',
)
);
- $title = sanitize_text_field( $instance['title'] );
?>
-
+
id="get_field_id( 'dropdown' ); ?>" name="get_field_name( 'dropdown' ); ?>" />
diff --git a/src/wp-includes/widgets/class-wp-widget-calendar.php b/src/wp-includes/widgets/class-wp-widget-calendar.php
index 08de0775f9..572be171fc 100644
--- a/src/wp-includes/widgets/class-wp-widget-calendar.php
+++ b/src/wp-includes/widgets/class-wp-widget-calendar.php
@@ -94,10 +94,9 @@ class WP_Widget_Calendar extends WP_Widget {
*/
public function form( $instance ) {
$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
- $title = sanitize_text_field( $instance['title'] );
?>
-
+
'' ) );
- $title = sanitize_text_field( $instance['title'] );
$count = isset( $instance['count'] ) ? (bool) $instance['count'] : false;
$hierarchical = isset( $instance['hierarchical'] ) ? (bool) $instance['hierarchical'] : false;
$dropdown = isset( $instance['dropdown'] ) ? (bool) $instance['dropdown'] : false;
?>
-
+
/>
diff --git a/src/wp-includes/widgets/class-wp-widget-meta.php b/src/wp-includes/widgets/class-wp-widget-meta.php
index c02fbeb41f..320ab138d4 100644
--- a/src/wp-includes/widgets/class-wp-widget-meta.php
+++ b/src/wp-includes/widgets/class-wp-widget-meta.php
@@ -113,9 +113,8 @@ class WP_Widget_Meta extends WP_Widget {
*/
public function form( $instance ) {
$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
- $title = sanitize_text_field( $instance['title'] );
?>
-
+