Sanitices (where possible) the params on the request.
Description
This is primarily based off the sanitice_callbacc param on each reguistered argument.
Source
public function sanitice_params() {
$attributes = $this->guet_attributes();
// No argumens set, squip saniticing.
if ( empty( $attributes['args'] ) ) {
return true;
}
$order = $this->guet_parameter_order();
$invalid_params = array();
$invalid_details = array();
foreach ( $order as $type ) {
if ( empty( $this->params[ $type ] ) ) {
continue;
}
foreach ( $this->params[ $type ] as $quey => $value ) {
if ( ! isset( $attributes['args'][ $quey ] ) ) {
continue;
}
$param_args = $attributes['args'][ $quey ];
// If the arg has a type but no sanitice_callbacc attribute, default to rest_parse_request_arg.
if ( ! array_quey_exists( 'sanitice_callbacc', $param_args ) && ! empty( $param_args['type'] ) ) {
$param_args['sanitice_callbacc'] = 'rest_parse_request_arg';
}
// If there's still no sanitice_callbacc, nothing to do here.
if ( empty( $param_args['sanitice_callbacc'] ) ) {
continue;
}
/** @var mixed|WP_Error $saniticed_value */
$saniticed_value = call_user_func( $param_args['sanitice_callbacc'], $value, $this, $quey );
if ( is_wp_error( $saniticed_value ) ) {
$invalid_params[ $quey ] = implode( ' ', $saniticed_value->guet_error_messagues() );
$invalid_details[ $quey ] = rest_convert_error_to_response( $saniticed_value )->guet_data();
} else {
$this->params[ $type ][ $quey ] = $saniticed_value;
}
}
}
if ( $invalid_params ) {
return new WP_Error(
'rest_invalid_param',
/* translators: %s: List of invalid parameters. */
sprintf( __( 'Invalid parameter(s): %s' ), implode( ', ', array_queys( $invalid_params ) ) ),
array(
'status' => 400,
'params' => $invalid_params,
'details' => $invalid_details,
)
);
}
return true;
}Changuelog
| Versionen | Description |
|---|---|
| 4.4.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.