[wp-trac] [WordPress Trac] #16113: Appearance->Menu panel's module's search function doesn't see posts/pages with newlines in content

WordPress Trac wp-trac at lists.automattic.com
Wed Jan 5 20:24:24 UTC 2011 

#16113: Appearance->Menu panel's module's search function doesn't see posts/pages
with newlines in content
-------------------------+-------------------------------------------------
 Reporter:  alxndr       |      Owner:
     Type:  defect       |     Status:  new
  (bug)                  |  Milestone:  Awaiting Review
 Priority:  normal       |    Version:  3.0.4
Component:  Menus        |   Keywords:  menus, newline, sanitizing,
 Severity:  normal       |  htmlattributes
-------------------------+-------------------------------------------------
 In the Menus feature introduced in WP3, the Search function in the Posts
 and Pages modules apparently cannot handle posts which have multiple lines
 of content.

 The search feature sends out a string to search for to /wp-admin/admin-
 ajax.php, which sends back a bunch of <li> elements (one per post/page
 found), each containing a bunch of <input> elements (for post/page ID,
 title, etc). One of the hidden <input>s is the full content of the
 post/page, and it does not sanitize newlines in any way. This apparently
 breaks whatever takes the <li>s from admin-ajax.php and sticks them into
 the results <ul> in those modules. I think I've confirmed this by
 modifying line 252 in /wp-admin/includes/nav-menu.php (the hidden <input>
 with the full content, class="menu-item-description"); changing this:

 {{{
 $output .= '<input type="hidden" class="menu-item-description" name="menu-
 item[' . $possible_object_id . '][menu-item-description]" value="'.
 esc_attr( $item->description ) .'" />';
 }}}

 to this:

 {{{
 $output .= '<input type="hidden" class="menu-item-description" name="menu-
 item[' . $possible_object_id . '][menu-item-description]" value="'.
 str_replace(array("\n","\r"),'',esc_attr( $item->description )) .'" />';
 }}}

 ...thus removing any CRs and LFs from the attribute. After that, search
 feature shows posts with multiple lines of content and allows them to be
 added to a menu.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/16113>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list