[wp-trac] [WordPress Trac] #27583: Move color sanitize function to wp-includes/formatting.php
WordPress Trac
noreply at wordpress.org
Sat Mar 29 18:47:34 UTC 2014
#27583: Move color sanitize function to wp-includes/formatting.php
-------------------------+-----------------------------
Reporter: tollmanz | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 3.4
Severity: normal | Keywords:
Focuses: template |
-------------------------+-----------------------------
{{{sanitize_hex_color()}}}, {{{sanitize_hex_color_no_hash()}}}, and
{{{maybe_hash_hex_color()}}} are excellent functions for sanitizing color
values. Unfortunately, they are defined in wp-includes/class-wp-customize-
manager.php which is only included when the customizer is initialized. I
recommend that the functions be moved to wp-includes/formatting.php, where
other similar functions are located, so that they can be used everywhere
in WordPress.
As an example, if you use a color input for adding a color option in a
theme or plugin, you should be properly sanitizing/escaping the value when
output in the HTML. Having these three functions available makes this
process easy and consistent. Additionally, it provides a level of
consistency between projects as different developers will be using the
same function for sanitizing data.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27583>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list