[buddypress-trac] [BuddyPress Trac] #6679: Allow bp_field_css_class() to accept more than one class name.
buddypress-trac
noreply at wordpress.org
Fri Nov 13 19:54:18 UTC 2015
#6679: Allow bp_field_css_class() to accept more than one class name.
--------------------------------------+-----------------------
Reporter: dcavins | Owner: dcavins
Type: enhancement | Status: accepted
Priority: normal | Milestone: 2.5
Component: Component - XProfile | Version: 2.3.3
Severity: normal | Resolution:
Keywords: good-first-bug has-patch |
--------------------------------------+-----------------------
Changes (by dcavins):
* keywords: needs-patch good-first-bug => good-first-bug has-patch
Comment:
I've attached a new patch that uses regex and `sanitize_html_class()` to
filter input. I've also added tests.
Some interesting things about using `preg_split( '#\s+#', ' pumpkin
spice ' )` vs `explode()`:
* `preg_split()` gracefully handles multiple delimiters, like space-space-
tab-space, that would cause `explode()` to lose its mind.
* Both will generate extra array elements if the string contains leading
or trailing spaces. They're empty, so I don't think we have to guard
against that case.
The WP reference from Brajesh (thanks again for your comments and
interest) uses `esc_attr()` to sanitize strings, but it seems like
`sanitize_html_class()` is the better choice. For example:
`esc_attr( '%class$name<' )` yields `%class$name<`
`sanitize_html_class( '%class$name<' )` yields `classname` which seems
better.
Thanks again for the comments.
-David
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6679#comment:8>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list