WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Docs: Overhaul the DocBlock for `add_query_arg()` to attempt to better explain the various call signatures it accepts. 

Also adds a couple of in-DocBlock examples illustrating single key and value, and associative array usage. Retains the note about the unescaped return value.

Props johnbillion.
See #33912.

Built from https://develop.svn.wordpress.org/trunk@34511


git-svn-id: http://core.svn.wordpress.org/trunk@34475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Drew Jaynes 2015-09-24 19:32:24 +00:00
parent a6c8b7aafa
commit 92574015aa
2 changed files with 28 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
wp-includes/functions.php
View File

@ -670,26 +670,39 @@ function _http_build_query( $data, $prefix = null, $sep = null, $key = '', $urle
} }
/** /**
* Retrieve a modified URL query string. * Retrieves a modified URL query string.
* *
* You can rebuild the URL and append a new query variable to the URL query by * You can rebuild the URL and append query variables to the URL query by using this function.
* using this function. You can also retrieve the full URL with query data. * There are two ways to use this function; either a single key and value, or an associative array.
* *
* Adding a single key & value or an associative array. Setting a key value to * Using a single key and value:
* an empty string removes the key. Omitting oldquery_or_uri uses the $_SERVER
* value. Additional values provided are expected to be encoded appropriately
* with urlencode() or rawurlencode().
* *
* Important: The return value of add_query_arg() is not escaped by default. * add_query_arg( 'key', 'value', 'http://example.com' );
* Output should be late-escaped with esc_url() or similar to help prevent *
* vulnerability to cross-site scripting (XSS) attacks. * Using an associative array:
*
* add_query_arg( array(
* 'key1' => 'value1',
* 'key2' => 'value2',
* ), 'http://example.com' );
*
* Omitting the URL from either use results in the current URL being used
* (the value of `$_SERVER['REQUEST_URI']`).
*
* Values are expected to be encoded appropriately with urlencode() or rawurlencode().
*
* Setting any query variable's value to boolean false removes the key (see remove_query_arg()).
*
* Important: The return value of add_query_arg() is not escaped by default. Output should be
* late-escaped with esc_url() or similar to help prevent vulnerability to cross-site scripting
* (XSS) attacks.
* *
* @since 1.5.0 * @since 1.5.0
* *
* @param string|array $param1 Either newkey or an associative_array. * @param string|array $key Either a query variable key, or an associative array of query variables.
* @param string $param2 Either newvalue or oldquery or URI. * @param string $value Optional. Either a query variable value, or a URL to act upon.
* @param string $param3 Optional. Old query or URI. * @param string $url Optional. A URL to act upon.
* @return string New URL query string. * @return string New URL query string (unescaped).
*/ */
function add_query_arg() { function add_query_arg() {
$args = func_get_args(); $args = func_get_args();

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.4-alpha-34510'; $wp_version = '4.4-alpha-34511';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.