Title: codesmith32's Replies | WordPress.org
---
# codesmith32
[ ](https://wordpress.org/support/users/codesmith32/)
* [Profile](https://wordpress.org/support/users/codesmith32/)
* [Topics Started](https://wordpress.org/support/users/codesmith32/topics/)
* [Replies Created](https://wordpress.org/support/users/codesmith32/replies/)
* [Reviews Written](https://wordpress.org/support/users/codesmith32/reviews/)
* [Topics Replied To](https://wordpress.org/support/users/codesmith32/replied-to/)
* [Engagements](https://wordpress.org/support/users/codesmith32/engagements/)
* [Favorites](https://wordpress.org/support/users/codesmith32/favorites/)
Search replies:
## Forum Replies Created
Viewing 6 replies - 1 through 6 (of 6 total)
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[Job Postings] When customizing most titles, & is getting escaped twice](https://wordpress.org/support/topic/when-customizing-most-titles-is-getting-escaped-twice/)
* Thread Starter [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [4 months, 1 week ago](https://wordpress.org/support/topic/when-customizing-most-titles-is-getting-escaped-twice/#post-18803092)
* Hey devs, just wanted to say thanks for starting to fix this issue! I saw in
v2.8 that someone went through and resolved most of the issues with `class-job-
single-view.php`.
* With that said, I realized this issue was more widespread than just `class-job-
single-view.php`. It also applies to `include/class-job-add-edit.php` which I
didn’t see any changes for yet (I should’ve mentioned it sooner). I found that
specifically if we add an & to the position title, after saving, it re-renders
triple-escaped, meaning we get &. If we save again, this then actually
applies to the position page, and it worsens each time.
* Again, I fixed this in my copy, but it doesn’t look like your code has fixed
this yet. So, I’ll update and then apply my fix for this file, and see how it
goes. EDIT: Worked fine after I applied my patch.
* ______________________________________________________________________________________
* In general, though, to properly escape in WP plugins, you should follow these
rules:
- Never escape anywhere _except_ in the html directly. This ensures that double
escaping never occurs, and also that _lack_ of escaping never happens (which
is in fact still true in some small places in the plugin). Your html strings
therefore should be made up exclusively of:
* quoted literals,
* `esc_attr` calls, and
* `esc_html` calls.
* Only break this rule if it is absolutely necessary to inject strings containing
html (which is generally very rare). In this case, it might be worth using
a variable name convention to indicate a var that represents html.
* - `esc_html` should always be used for escaping non-html contents within html(
again, just don’t escape a string if it must contain html).
* e.g., `''`
- `esc_attr` should be used for escaping within attributes.
* e.g., `'`.
* ______________________________________________________________________________________
* There’s also a minor bug in `admin/script.js` that occurs when I use text mode
instead of tinymce (which I always do). On line 839 (or so?) we have `tinymce.
get(editor_id).getContent()` but `tinymce.get(editor_id)` returns null if I’m
in text mode. It seems to work fine if I just break it up and only continue if
the editor exists.
* ______________________________________________________________________________________
* I would be more than willing to contribute, but I use github pretty much exclusively.
I don’t see a github repo – just an SVN repo, and I’m not familiar with connecting
github to an SVN repo..
* Thanks again!
- This reply was modified 4 months, 1 week ago by [codesmith32](https://wordpress.org/support/users/codesmith32/).
- This reply was modified 4 months, 1 week ago by [codesmith32](https://wordpress.org/support/users/codesmith32/).
- This reply was modified 4 months, 1 week ago by [codesmith32](https://wordpress.org/support/users/codesmith32/).
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[Job Postings] When customizing most titles, & is getting escaped twice](https://wordpress.org/support/topic/when-customizing-most-titles-is-getting-escaped-twice/)
* Thread Starter [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [4 months, 1 week ago](https://wordpress.org/support/topic/when-customizing-most-titles-is-getting-escaped-twice/#post-18800483)
* For myself, I just removed all these dumb double-encoding lines from `job-postings/
include/class-job-single-view.php`. Sorry for any non-coders dealing with this.
Maybe they’ll fix it soon.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[Redirection for Contact Form 7] Undefined variable response](https://wordpress.org/support/topic/undefined-variable-response-2/)
* Thread Starter [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [12 months ago](https://wordpress.org/support/topic/undefined-variable-response-2/#post-18507427)
* Hey [@rodicaelena](https://wordpress.org/support/users/rodicaelena/),
* I believe it is fixed now. I was helping a client when I discovered it, and I
think I recall they said it was working since the update.
* Thank you!
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[LightStart - Maintenance Mode, Coming Soon and Landing Page Builder] Doesn’t work on homepage](https://wordpress.org/support/topic/doesnt-work-on-homepage-4/)
* Thread Starter [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [4 years, 11 months ago](https://wordpress.org/support/topic/doesnt-work-on-homepage-4/#post-14554570)
* Forget it.
* It was due to WPEngine caching.
* I had the issue with the new plugin too. I had to go into WPEngine and clear
page cache to fix it. I’m assuming this was the real issue.
* Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
In reply to: [I can't add more pages to menu – menu delete pages](https://wordpress.org/support/topic/i-cant-add-more-pages-to-menu-menu-delete-pages/)
* [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [11 years, 12 months ago](https://wordpress.org/support/topic/i-cant-add-more-pages-to-menu-menu-delete-pages/#post-4989620)
* After researching, I discovered the root of the issue.
* The PHP 5.3.9 update includes a new `php.ini` setting called `max_input_vars`.
This new setting is a restriction on the number of data values that may be sent
back to the server, and was added as an attempt to potentially avoid some dos
attacks. However, due to the fact that saving a WordPress menu sends back a large
number of values (multiple for each menu item, _especially_ when using UberMenu),
the values will be truncated to this limit. The default value for `max_input_vars`
is `1000`, and if the PHP server being used has not adjusted this value, the
maximum number of menu items that may be added successfully (with the UberMenu)
is something around 80. Any more will not only be cut off, but the set locations(
under Manage Locations) may also be lost.
* [Here’s a detailed report](http://sevenspark.com/docs/ubermenu-menu-item-limit)
* Bottom line is, if you don’t have access to the `php.ini` file (which you typically
won’t), you’ll have to contact your host to get the value changed.
* Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
In reply to: [I can't add more pages to menu – menu delete pages](https://wordpress.org/support/topic/i-cant-add-more-pages-to-menu-menu-delete-pages/)
* [codesmith32](https://wordpress.org/support/users/codesmith32/)
* (@codesmith32)
* [12 years ago](https://wordpress.org/support/topic/i-cant-add-more-pages-to-menu-menu-delete-pages/#post-4989597)
* It’s a wordpress 3.9.1 bug. I’ve got the exact same problem. The similarity with
your situation and mine is that I just updated WP, and now it fails. Request
a bug-fix or revert to a previous version.
* [@esmi](https://wordpress.org/support/users/esmi/) is right. I’ll look more deeply
into it. I did deactivate all plugins, and reactivate all, but not individually.
Viewing 6 replies - 1 through 6 (of 6 total)