An attempt to fix the theme check sanitization errors in Blockbase (#4601)

* Blockbase: Fix sanitization theme check errors

* Blockbase: Fix another sanitization theme check error

blockbase/inc/customizer/wp-customize-color-palettes.php

@@ -64,9 +64,10 @@ class GlobalStylesColorPalettes {
 		$wp_customize->add_setting(
 			'color_palette',
 			array(
-				'default'    => 'default-palette',
-				'capability' => 'edit_theme_options',
-				'transport'  => 'postMessage', // We need this to stop the page refreshing.
+				'default'           => 'default-palette',
+				'capability'        => 'edit_theme_options',
+				'sanitize_callback' => array( __CLASS__, 'sanitize_color_palette' ),
+				'transport'         => 'postMessage', // We need this to stop the page refreshing.
 			)
 		);
 
@@ -84,6 +85,14 @@ class GlobalStylesColorPalettes {
 			)
 		);
 	}
+
+	function sanitize_color_palette( $palette ) {
+		$palette['slug']  = sanitize_title( $palette['slug'] );
+		$palette['color'] = sanitize_hex_color( $palette['color'] );
+		$palette['name']  = sanitize_title( $palette['name'] );
+
+		return $palette;
+	}
 }
 
 new GlobalStylesColorPalettes;

blockbase/inc/customizer/wp-customize-colors.php

@@ -113,11 +113,15 @@ class GlobalStylesColorCustomizer {
 			$setting_key,
 			array(
 				'default'           => $palette_item['default'],
-				'sanitize_callback' => 'sanitize_hex_color',
 				'user_value'        => $palette_item['color'],
 			)
 		);
-		$wp_customize->add_setting( $global_styles_setting );
+		$wp_customize->add_setting(
+			$global_styles_setting,
+			array(
+				'sanitize_callback' => 'sanitize_hex_color'
+			)
+		);
 
 		$wp_customize->add_control(
 			new WP_Customize_Color_Control(

blockbase/inc/customizer/wp-customize-fonts.php

@@ -312,8 +312,8 @@ class GlobalStylesFontsCustomizer {
 			)
 		);
 
-		$this->add_setting_and_control( $wp_customize, 'body', __( 'Body font', 'blockbase' ), $body_font_default['slug'], $body_font_selected['slug'] );
-		$this->add_setting_and_control( $wp_customize, 'heading', __( 'Heading font', 'blockbase' ), $heading_font_default['slug'], $heading_font_selected['slug'] );
+		$this->add_setting_and_control( $wp_customize, 'body', __( 'Body font', 'blockbase' ), $body_font_default['slug'], $body_font_selected['slug'], 'sanitize_title' );
+		$this->add_setting_and_control( $wp_customize, 'heading', __( 'Heading font', 'blockbase' ), $heading_font_default['slug'], $heading_font_selected['slug'], 'sanitize_title' );
 	}
 
 	function get_font_family( $array, $configuration ) {
@@ -345,17 +345,21 @@ class GlobalStylesFontsCustomizer {
 		return $new_font;
 	}
 
-	function add_setting_and_control( $wp_customize, $name, $label, $default, $user_value ) {
+	function add_setting_and_control( $wp_customize, $name, $label, $default, $user_value, $sanitize_callback ) {
 		$setting_name          = $this->section_key . $name;
 		$global_styles_setting = new WP_Customize_Global_Styles_Setting(
 			$wp_customize,
 			$setting_name,
 			array(
-				'default'    => $default,
-				'user_value' => $user_value,
+				'default'           => $default,
+				'user_value'        => $user_value
+			)
+		);
+		$wp_customize->add_setting( $global_styles_setting,
+			array(
+				'sanitize_callback' => $sanitize_callback
 			)
 		);
-		$wp_customize->add_setting( $global_styles_setting );
 
 		$choices = array();
 		foreach ( $this->fonts as $font_slug => $font_setting ) {