[wp-trac] [WordPress Trac] #54160: sanitize_key() / _wp_customize_include() is not able to handle non-scalar values
WordPress Trac
noreply at wordpress.org
Fri Dec 10 20:55:33 UTC 2021
#54160: sanitize_key() / _wp_customize_include() is not able to handle non-scalar
values
----------------------------------------+-----------------------------
Reporter: dd32 | Owner: hellofromTonya
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 5.9
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-unit-tests | Focuses:
----------------------------------------+-----------------------------
Comment (by wppunk):
@hellofromTonya I used to in my code dynamic attribute that sometimes can
be a digit and sometimes a string. An example:
{{{
foreach( $choices as $key => $value ) {
$field_name = sprintf( 'field[%s]', sanitize_key( $key ) );
printf(
'<input name="%s" value="1"/>'
esc_attr( $field_name )
);
}
}}}
And the `$choices` variable can be as:
{{{
$choices = [
esc_html__( 'Red', 'great-example' ),
esc_html__( 'Blue', 'great-example' ),
esc_html__( 'Green', 'great-example' ),
];
}}}
Here the `$key` will be `0`, `1`, or `2`.
And as:
{{{
$choices = [
'red' => esc_html__( 'Red', 'great-example' ),
'blue' => esc_html__( 'Blue', 'great-example' ),
'green' => esc_html__( 'Green', 'great-example' ),
];
}}}
And here, the `$key` will be `red`, `blue`, or `green`.
I can use the `(string) $key` in my code, but what about other plugins and
themes?
I would recommend due to backward compatibility update PHPDoc for the
`$key` variable:
{{{
* @param int|float|string $key String key`
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54160#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list