[wp-trac] [WordPress Trac] #57686: Introduce wp_trigger_error() to compliment _doing_it_wrong()

WordPress Trac noreply at wordpress.org
Wed Sep 13 22:41:44 UTC 2023 

#57686: Introduce wp_trigger_error() to compliment _doing_it_wrong()
-------------------------------------------------+-------------------------
 Reporter:  azaozz                               |       Owner:
                                                 |  hellofromTonya
     Type:  enhancement                          |      Status:  assigned
 Priority:  normal                               |   Milestone:  6.4
Component:  General                              |     Version:
 Severity:  normal                               |  Resolution:
 Keywords:  needs-dev-note has-patch has-unit-   |     Focuses:
  tests commit                                   |
-------------------------------------------------+-------------------------

Comment (by peterwilsoncc):

 > What if those instances don't use wp_trigger_error()?
 > What if instead those instances escape the parts of the message that are
 incoming to each function, but don't escape the hardcoded additions to the
 message done in each function?

 I think this might be a good compromise.

 It handles existing Core patterns and allows contributors to figure out a
 solution to PHP's logging/displaying conflict at a later date.

 > Do you think supporting <code>, <strong>, <a href>, <br>, and possibly
 <em> could work to cover the vast majority of cases?

 This could work as a compromise. KSES has a `_deprecated_*` and
 `_doing_it_wrong` call so it would probably need to be done in conjunction
 with the above approach.

 > These strings/messages are targeted at developers and are not (should
 not ever be) displayed in production. If they were targeted at users/for
 use in production I think they should have been escaped and made "safe" by
 all means.

 I agree, they ought not be used in production, but there have been reports
 of it being the case in the past so my main motivation is for core to
 protect people from themselves.

 Let us take a look at the KSES approach and see if it's good ("us" being
 the folks working on this ticket).

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/57686#comment:51>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list