Customize: Prevent dropping backslashes from input on general settings and settings for nav menus and some widgets.

Ensures that intentional backslashes (e.g. "\o/") can be used in: * Site title * Site description * Nav menu name * Custom Menu widget title * Tag Cloud widget title * Text widget body if can't `unfiltered_html` The latter three are also fixed on the widgets admin page. Fixes #35898. Built from https://develop.svn.wordpress.org/trunk@36622 git-svn-id: http://core.svn.wordpress.org/trunk@36589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 01:02:26 +00:00 · 2016-02-23 01:02:26 +00:00 · aa9ef96a52
parent e512f158df
commit aa9ef96a52
7 changed files with 16 additions and 10 deletions
--- a/wp-includes/class-wp-customize-setting.php
+++ b/wp-includes/class-wp-customize-setting.php
@ -496,7 +496,6 @@ class WP_Customize_Setting {
 	 * @return string|array|null Null if an input isn't valid, otherwise the sanitized value.
 	 */
 	public function sanitize( $value ) {
-		$value = wp_unslash( $value );

 		/**
 		 * Filter a Customize setting value in un-slashed form.
--- a/wp-includes/customize/class-wp-customize-nav-menu-setting.php
+++ b/wp-includes/customize/class-wp-customize-nav-menu-setting.php
@ -513,14 +513,14 @@ class WP_Customize_Nav_Menu_Setting extends WP_Customize_Setting {
 			$menu_data['menu-name'] = $value['name'];

 			$menu_id = $is_placeholder ? 0 : $this->term_id;
-			$r = wp_update_nav_menu_object( $menu_id, $menu_data );
+			$r = wp_update_nav_menu_object( $menu_id, wp_slash( $menu_data ) );
 			$original_name = $menu_data['menu-name'];
 			$name_conflict_suffix = 1;
 			while ( is_wp_error( $r ) && 'menu_exists' === $r->get_error_code() ) {
 				$name_conflict_suffix += 1;
 				/* translators: 1: original menu name, 2: duplicate count */
 				$menu_data['menu-name'] = sprintf( __( '%1$s (%2$d)' ), $original_name, $name_conflict_suffix );
-				$r = wp_update_nav_menu_object( $menu_id, $menu_data );
+				$r = wp_update_nav_menu_object( $menu_id, wp_slash( $menu_data ) );
 			}

 			if ( is_wp_error( $r ) ) {
--- a/wp-includes/nav-menu.php
+++ b/wp-includes/nav-menu.php
@ -196,12 +196,15 @@ function is_nav_menu_item( $menu_item_id = 0 ) {
 /**
 * Creates a navigation menu.
 *
+ * Note that <code>$menu_name</code> is expected to be pre-slashed.
+ *
 * @since 3.0.0
 *
 * @param string $menu_name Menu name.
 * @return int|WP_Error Menu ID on success, WP_Error object on failure.
 */
 function wp_create_nav_menu( $menu_name ) {
+	// expected_slashed ($menu_name)
 	return wp_update_nav_menu_object( 0, array( 'menu-name' => $menu_name ) );
 }

@ -252,6 +255,8 @@ function wp_delete_nav_menu( $menu ) {
 /**
 * Save the properties of a menu or create a new menu with those properties.
 *
+ * Note that <code>$menu_data</code> is expected to be pre-slashed.
+ *
 * @since 3.0.0
 *
 * @param int   $menu_id   The ID of the menu or "0" to create a new menu.
@ -259,6 +264,7 @@ function wp_delete_nav_menu( $menu ) {
 * @return int|WP_Error Menu ID on success, WP_Error object on failure.
 */
 function wp_update_nav_menu_object( $menu_id = 0, $menu_data = array() ) {
+	// expected_slashed ($menu_data)
 	$menu_id = (int) $menu_id;

 	$_menu = wp_get_nav_menu_object( $menu_id );
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.5-alpha-36621';
+$wp_version = '4.5-alpha-36622';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
--- a/wp-includes/widgets/class-wp-nav-menu-widget.php
+++ b/wp-includes/widgets/class-wp-nav-menu-widget.php
@ -92,7 +92,7 @@
 	public function update( $new_instance, $old_instance ) {
 		$instance = array();
 		if ( ! empty( $new_instance['title'] ) ) {
-			$instance['title'] = sanitize_text_field( stripslashes( $new_instance['title'] ) );
+			$instance['title'] = sanitize_text_field( $new_instance['title'] );
 		}
 		if ( ! empty( $new_instance['nav_menu'] ) ) {
 			$instance['nav_menu'] = (int) $new_instance['nav_menu'];
--- a/wp-includes/widgets/class-wp-widget-tag-cloud.php
+++ b/wp-includes/widgets/class-wp-widget-tag-cloud.php
@ -98,7 +98,7 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
 	 */
 	public function update( $new_instance, $old_instance ) {
 		$instance = array();
-		$instance['title'] = sanitize_text_field( stripslashes( $new_instance['title'] ) );
+		$instance['title'] = sanitize_text_field( $new_instance['title'] );
 		$instance['taxonomy'] = stripslashes($new_instance['taxonomy']);
 		return $instance;
 	}
--- a/wp-includes/widgets/class-wp-widget-text.php
+++ b/wp-includes/widgets/class-wp-widget-text.php
@ -80,10 +80,11 @@ class WP_Widget_Text extends WP_Widget {
 	public function update( $new_instance, $old_instance ) {
 		$instance = $old_instance;
 		$instance['title'] = sanitize_text_field( $new_instance['title'] );
-		if ( current_user_can('unfiltered_html') )
-			$instance['text'] =  $new_instance['text'];
-		else
-			$instance['text'] = wp_kses_post( stripslashes( $new_instance['text'] ) );
+		if ( current_user_can( 'unfiltered_html' ) ) {
+			$instance['text'] = $new_instance['text'];
+		} else {
+			$instance['text'] = wp_kses_post( $new_instance['text'] );
+		}
 		$instance['filter'] = ! empty( $new_instance['filter'] );
 		return $instance;
 	}