[wp-trac] [WordPress Trac] #32257: Patch: add support for multi-line textarea sanitization

WordPress Trac noreply at wordpress.org
Tue May 5 17:03:57 UTC 2015


#32257: Patch: add support for multi-line textarea sanitization
-------------------------+------------------------------
 Reporter:  ottok        |       Owner:
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Security     |     Version:  trunk
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:
-------------------------+------------------------------

Comment (by iandunn):

 Hi ottok, I can't speak to whether this functionality is desired or not,
 but if it is, I have a few implementation recommendations.

 It looks like `sanitize_textarea_field()` is almost identical to
 `sanitize_text_field()`, just minus the bits that strip newlines. Rather
 than duplicating code -- which creates lots of
 [http://programmer.97things.oreilly.com/wiki/index.php/Don't_Repeat_Yourself
 maintenance issues] -- would it be better to add a new parameter to
 `sanitize_text_field()` to control whether or not whitespace is stripped?

 It would default to stripping whitespace, so that the existing behavior is
 maintained. Then, a wrapper named `sanitize_textarea_field()` could
 optionally be introduced to call `sanitize_text_field()` with the new
 parameter set to not strip whitespace.

 {{{
 function sanitize_text_field( $str, $whitespace = 'strip' ) {
     // ...
 }

 function sanitize_textarea_field( $str ) {
     // Return the sanitized value; without this the wrapper yields null.
     return sanitize_text_field( $str, 'preserve' );
 }
 }}}

 Also, it's best to have
 [https://vip.wordpress.com/documentation/creating-good-changesets/separate
 separate tickets/patches for separate issues],
 rather than mixing unrelated things together. IIRC, formatting-only
 changes are generally rejected since they force other patches to be
 refreshed against the new code. Instead, formatting improvements are made
 at the same time that those lines need to be changed for a more
 substantial reason.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32257#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
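
The single-function-plus-wrapper design suggested in the comment, as an added example that is not part of the ticket, the patch, or WordPress core. The `example_` functions are hypothetical, simplified stand-ins built only from PHP built-ins; they show how one `$whitespace` parameter can switch between collapsing newlines and keeping them while every other sanitization step stays shared.

```php
<?php
// Added illustration: simplified stand-in, not WordPress's sanitize_text_field().
// Every example_ function name is hypothetical.

function example_sanitize_text( $str, $whitespace = 'strip' ) {
    $str = (string) $str;

    // Reject input that is not valid UTF-8 instead of trying to repair it.
    if ( 1 !== preg_match( '//u', $str ) ) {
        return '';
    }

    // Shared step: remove markup, then any angle bracket left behind
    // (a simplification; it also drops a literal "<" in ordinary text).
    $str = strip_tags( $str );
    $str = str_replace( array( '<', '>' ), '', $str );

    if ( 'preserve' === $whitespace ) {
        // Textarea mode: normalise line endings, then collapse spaces and
        // tabs inside each line without touching the newlines themselves.
        $str = str_replace( array( "\r\n", "\r" ), "\n", $str );
        $str = preg_replace( '/[ \t]+/', ' ', $str );
        $str = preg_replace( '/ ?\n ?/', "\n", $str );
    } else {
        // Default mode keeps the existing single-line behaviour: every run
        // of whitespace, newlines included, becomes one space.
        $str = preg_replace( '/\s+/', ' ', $str );
    }

    return trim( $str );
}

function example_sanitize_textarea( $str ) {
    // Thin wrapper: same code path, only the whitespace mode differs.
    return example_sanitize_text( $str, 'preserve' );
}

// Constructed sample input: markup, CRLF line endings, a tab, repeated spaces.
$input = "First line  <script>alert(1)</script>\r\n\tSecond   line\r\n";

var_dump( example_sanitize_text( $input ) );     // single-line result
var_dump( example_sanitize_textarea( $input ) ); // line break kept
```

Because callers that omit the second argument get the `'strip'` branch, existing single-line fields keep their current behaviour, and any tag-stripping fix made later applies to both modes at once.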

