[wp-trac] [WordPress Trac] #43141: wp_nonce_url() in combination with sprintf %s
WordPress Trac
noreply at wordpress.org
Sun Jan 21 20:06:36 UTC 2018
#43141: wp_nonce_url() in combination with sprintf %s
--------------------------+-----------------------------
Reporter: qvarting | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 4.9.2
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Hi,
The following code does not output the correct data:
{{{#!php
<?php
echo sprintf(
'<a href="' . esc_url( wp_nonce_url( admin_url('admin-post.php') .
'?action=%s&item_id=123' ) ) . '">%s</a>',
$enabled ? 'action_disable' : 'action_enable',
$enabled ? 'Disable item' : 'Enable item'
);
}}}
Result:
/wp-admin/admin-
post.php?action=%20%20%20%20%20%20%20%20%20%20%20action_disable&item_id=123&_wpnonce=05bd1b0af4
Note all spaces after action=
Cheers
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43141>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list