diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
index 3c465ba..d37ab61 100644
|
a
|
b
|
class WP_REST_Request implements ArrayAccess { |
| 818 | 818 | continue; |
| 819 | 819 | } |
| 820 | 820 | foreach ( $this->params[ $type ] as $key => $value ) { |
| 821 | | // if no sanitize_callback was specified, default to rest_parse_request_arg |
| 822 | | // if a type was specified in the args. |
| 823 | | if ( ! isset( $attributes['args'][ $key ]['sanitize_callback'] ) && ! empty( $attributes['args'][ $key ]['type'] ) ) { |
| 824 | | $attributes['args'][ $key ]['sanitize_callback'] = 'rest_parse_request_arg'; |
| | 821 | if ( ! isset( $attributes['args'][ $key ] ) ) { |
| | 822 | continue; |
| | 823 | } |
| | 824 | $param_args = $attributes['args'][ $key ]; |
| | 825 | |
| | 826 | // If the arg has a type but no sanitize_callback attribute, default to rest_parse_request_arg. |
| | 827 | if ( ! array_key_exists( 'sanitize_callback', $param_args ) && ! empty( $param_args['type'] ) ) { |
| | 828 | $param_args['sanitize_callback'] = 'rest_parse_request_arg'; |
| 825 | 829 | } |
| 826 | | // Check if this param has a sanitize_callback added. |
| 827 | | if ( ! isset( $attributes['args'][ $key ] ) || empty( $attributes['args'][ $key ]['sanitize_callback'] ) ) { |
| | 830 | // If there's still no sanitize_callback, nothing to do here. |
| | 831 | if ( empty( $param_args['sanitize_callback'] ) ) { |
| 828 | 832 | continue; |
| 829 | 833 | } |
| 830 | 834 | |
| 831 | | $sanitized_value = call_user_func( $attributes['args'][ $key ]['sanitize_callback'], $value, $this, $key ); |
| | 835 | $sanitized_value = call_user_func( $param_args['sanitize_callback'], $value, $this, $key ); |
| 832 | 836 | |
| 833 | 837 | if ( is_wp_error( $sanitized_value ) ) { |
| 834 | 838 | $invalid_params[ $key ] = $sanitized_value->get_error_message(); |
diff --git a/tests/phpunit/tests/rest-api/rest-request.php b/tests/phpunit/tests/rest-api/rest-request.php
index de44844..dd87e2b 100644
|
a
|
b
|
class Tests_REST_Request extends WP_UnitTestCase { |
| 342 | 342 | $this->assertEquals( 'rest_invalid_param', $valid->get_error_code() ); |
| 343 | 343 | } |
| 344 | 344 | |
| | 345 | public function test_sanitize_params_with_null_callback() { |
| | 346 | $this->request->set_url_params( array( |
| | 347 | 'some_email' => '', |
| | 348 | ) ); |
| | 349 | |
| | 350 | $this->request->set_attributes( array( |
| | 351 | 'args' => array( |
| | 352 | 'some_email' => array( |
| | 353 | 'type' => 'string', |
| | 354 | 'format' => 'email', |
| | 355 | 'sanitize_callback' => null, |
| | 356 | ), |
| | 357 | ), |
| | 358 | ) ); |
| | 359 | |
| | 360 | $this->assertTrue( $this->request->sanitize_params() ); |
| | 361 | } |
| | 362 | |
| | 363 | public function test_sanitize_params_with_false_callback() { |
| | 364 | $this->request->set_url_params( array( |
| | 365 | 'some_uri' => 1.23422, |
| | 366 | ) ); |
| | 367 | |
| | 368 | $this->request->set_attributes( array( |
| | 369 | 'args' => array( |
| | 370 | 'some_uri' => array( |
| | 371 | 'type' => 'string', |
| | 372 | 'format' => 'uri', |
| | 373 | 'sanitize_callback' => false, |
| | 374 | ), |
| | 375 | ), |
| | 376 | ) ); |
| | 377 | |
| | 378 | $this->assertTrue( $this->request->sanitize_params() ); |
| | 379 | } |
| | 380 | |
| 345 | 381 | public function test_has_valid_params_required_flag() { |
| 346 | 382 | $this->request->set_attributes( array( |
| 347 | 383 | 'args' => array( |