Support slashes in slug settings

[mordauk]

Scenario: a site needs to have forum user profiles set to forums/membership-services/view-profile/{username}

Problem: in order to do this (without modifying the URLs via a filter) the user needs to set User Base slug to membership-services/view-profile, except bbPress strips slashes from these fields.

It'd be great to be able to set bbPress URLs that contain an extra level.

Currently the slugs are all passed through sanitize_title() for the sanitize_callback. We can support slashes by passing it through sanitize_text_field() instead.

I've tested this and it does work by simply changing sanitize_title() to sanitize_text_field(). Are there any draw backs to doing this?

sanitize_text_field() does not strip enough out. It allows unsafe URL characters, causing 404's.

We need a function that explode()'s by / and calls a number of sanitization's on each chunk in the string.

Would passing each chunk through sanitize_title() be sufficient?

Turns out a somewhat urgent fix is necessary here, so moving to 2.5.4.

Patched against trunk

In 5365:

Introduce bbp_sanitize_slug() function for sanitizing permalink slugs, and use it as the callback for any slug settings. Props mazengamal. See #2496 (trunk).

In 5366:

Introduce bbp_sanitize_slug() function for sanitizing permalink slugs, and use it as the callback for any slug settings. Props mazengamal. See #2496 (2.5 branch).

Marking as resolved. Will release 2.5.4 later today.