Changeset 5684 for trunk/src/includes/replies/functions.php

Timestamp:

04/15/2015 03:06:31 PM (11 years ago)

Author:

johnjamesjacoby

Message:

General: Use sanitize_text_field() in lieu of old-bbPress style pre-escaping technique.

File:

• trunk/src/includes/replies/functions.php (modified) (8 diffs)

trunk/src/includes/replies/functions.php

@@ -90 +90 @@
  * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
  * @uses remove_filter() To remove kses filters if needed
- * @uses esc_attr() For sanitization
  * @uses bbp_check_for_flood() To check for flooding
  * @uses bbp_check_for_duplicate() To check for duplicates
@@ -263 +262 @@
 
     if ( !empty( $_POST['bbp_reply_title'] ) ) {
-        $reply_title = esc_attr( strip_tags( $_POST['bbp_reply_title'] ) );
+        $reply_title = sanitize_text_field( $_POST['bbp_reply_title'] );
     }
 
@@ -330 +329 @@
     // Either replace terms
     if ( bbp_allow_topic_tags() && current_user_can( 'assign_topic_tags' ) && ! empty( $_POST['bbp_topic_tags'] ) ) {
-        $terms = esc_attr( strip_tags( $_POST['bbp_topic_tags'] ) );
+        $terms = sanitize_text_field( $_POST['bbp_topic_tags'] );
 
     // ...or remove them.
@@ -472 +471 @@
  * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
  * @uses remove_filter() To remove kses filters if needed
- * @uses esc_attr() For sanitization
- * @uses apply_filters() Calls 'bbp_edit_reply_pre_title' with the title and
- *                       reply id
- * @uses apply_filters() Calls 'bbp_edit_reply_pre_content' with the content
- *                        reply id
+ * @uses apply_filters() Calls 'bbp_edit_reply_pre_title' with the title and id
+ * @uses apply_filters() Calls 'bbp_edit_reply_pre_content' with the content id
  * @uses wp_set_post_terms() To set the topic tags
  * @uses bbp_has_errors() To get the {@link WP_Error} errors
@@ -600 +596 @@
 
     if ( !empty( $_POST['bbp_reply_title'] ) ) {
-        $reply_title = esc_attr( strip_tags( $_POST['bbp_reply_title'] ) );
+        $reply_title = sanitize_text_field( $_POST['bbp_reply_title'] );
     }
 
@@ -652 +648 @@
     // Either replace terms
     if ( bbp_allow_topic_tags() && current_user_can( 'assign_topic_tags' ) && ! empty( $_POST['bbp_topic_tags'] ) ) {
-        $terms = esc_attr( strip_tags( $_POST['bbp_topic_tags'] ) );
+        $terms = sanitize_text_field( $_POST['bbp_topic_tags'] );
 
     // ...or remove them.
@@ -718 +714 @@
     // Revision Reason
     if ( !empty( $_POST['bbp_reply_edit_reason'] ) ) {
-        $reply_edit_reason = esc_attr( strip_tags( $_POST['bbp_reply_edit_reason'] ) );
+        $reply_edit_reason = sanitize_text_field( $_POST['bbp_reply_edit_reason'] );
     }
 
@@ -1384 +1380 @@
                     // Use the new title that was passed
                     if ( !empty( $_POST['bbp_reply_move_destination_title'] ) ) {
-                        $destination_topic_title = esc_attr( strip_tags( $_POST['bbp_reply_move_destination_title'] ) );
+                        $destination_topic_title = sanitize_text_field( $_POST['bbp_reply_move_destination_title'] );
 
                     // Use the source topic title