Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Sanitizing colorpickers so as to not give Farbtastic agita.

  • Loading branch information...
commit 58a18655580f56af832b4cfdfd8126dc89516dcb 1 parent 88875a8
Doug Stewart authored

Showing 1 changed file with 18 additions and 1 deletion. Show diff stats Hide diff stats

  1. +18 1 init.php
19 init.php
@@ -223,7 +223,24 @@ function show() {
223 223 echo '$ <input class="cmb_text_money" type="text" name="', $field['id'], '" id="', $field['id'], '" value="', '' !== $meta ? $meta : $field['std'], '" /><span class="cmb_metabox_description">', $field['desc'], '</span>';
224 224 break;
225 225 case 'colorpicker':
226   - echo '<input class="cmb_colorpicker cmb_text_small" type="text" name="', $field['id'], '" id="', $field['id'], '" value="', '' !== $meta ? $meta : $field['std'], '" /><span class="cmb_metabox_description">', $field['desc'], '</span>';
  226 + if( '' !== $meta ) {
  227 + if( preg_match('/^(([a-fA-F0-9]){3}){1,2}$/i', $meta ) ){
  228 + $meta = '#' . $meta;
  229 + } elseif( preg_match('/^#(([a-fA-F0-9]){3}){1,2}$/i', $meta ) ) {
  230 +
  231 + } else {
  232 + $meta = "#";
  233 + }
  234 + } else {
  235 + if( preg_match('/^(([a-fA-F0-9]){3}){1,2}$/i', $field['std'] ) ){
  236 + $meta = '#' . $field['std'];
  237 + } elseif( preg_match('/^#(([a-fA-F0-9]){3}){1,2}$/i', $field['std'] ) ) {
  238 + $meta = $field['std'];
  239 + } else {
  240 + $meta = "#";
  241 + }
  242 + }
  243 + echo '<input class="cmb_colorpicker cmb_text_small" type="text" name="', $field['id'], '" id="', $field['id'], '" value="', $meta, '" /><span class="cmb_metabox_description">', $field['desc'], '</span>';
227 244 break;
228 245 case 'textarea':
229 246 echo '<textarea name="', $field['id'], '" id="', $field['id'], '" cols="60" rows="10">', '' !== $meta ? $meta : $field['std'], '</textarea>','<p class="cmb_metabox_description">', $field['desc'], '</p>';

0 comments on commit 58a1865

Please sign in to comment.
Something went wrong with that request. Please try again.