Introduce sanitise_css_classname() and use it to give categories, tags, users etc meaningful classnames where possible. Falls back to the id if not. Fixes #8446.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11433 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/formatting.php

@@ -718,6 +718,29 @@ function sanitize_sql_orderby( $orderby ){
 	return $orderby;
 }
 
+/**
+ * Santises a css classname to ensure it only contains valid characters
+ * 
+ * Strips the classname down to A-Z,a-z,0-9,'-' if this results in an empty
+ * string then it will return the alternative value supplied.
+ *  
+ * @param string $classname The classname to be sanitised
+ * @param string $alternative The value to return if the sanitisation end's up as an empty string.
+ * @return string The sanitised value
+ */
+function sanitise_css_classname($classname, $alternative){
+	//Strip out any % encoded octets
+	$sanitised = preg_replace('|%[a-fA-F0-9][a-fA-F0-9]|', '', $classname);
+	
+	//Limit to A-Z,a-z,0-9,'-'
+	$sanitised = preg_replace('/[^A-Za-z0-9-]/', '', $sanitised);
+	
+	if ('' == $sanitised)
+		$sanitised = $alternative;
+	
+	return apply_filters('sanitise_css_classname',$sanitised, $classname, $alternative);	
+}
+
 /**
  * Converts a number of characters from a string.
  *