Widgets: Remove unnecessary sanitize_text_field() calls in core widget ::form() methods.

This sanitisation only needs to be run in `::update()` to correctly clean up the input. Props welcher, greenshady. Fixes #42461. Built from https://develop.svn.wordpress.org/trunk@44589 git-svn-id: http://core.svn.wordpress.org/trunk@44420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 00:43:49 +00:00
parent 11e9c98d5b
commit 2f288c306c
5 changed files with 5 additions and 9 deletions
--- a/wp-includes/widgets/class-wp-widget-meta.php
+++ b/wp-includes/widgets/class-wp-widget-meta.php
@@ -113,9 +113,8 @@ class WP_Widget_Meta extends WP_Widget {
 	 */
 	public function form( $instance ) {
 		$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
-		$title    = sanitize_text_field( $instance['title'] );
 		?>
-			<p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label> <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" /></p>
+			<p><label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label> <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $instance['title'] ); ?>" /></p>
 		<?php
 	}
 }