Make WordPress Core


Ignore:
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/4.1/src/wp-includes/class-wp-customize-manager.php

    r30931 r31410  
    6464
    6565    /**
    66      * $_POST values for Customize Settings.
    67      *
    68      * @var array
     66     * Unsanitized values for Customize Settings parsed from $_POST['customized'].
     67     *
     68     * @var array|false
    6969     */
    7070    private $_post_values;
     
    7676     */
    7777    public function __construct() {
    78         require( ABSPATH . WPINC . '/class-wp-customize-setting.php' );
    79         require( ABSPATH . WPINC . '/class-wp-customize-panel.php' );
    80         require( ABSPATH . WPINC . '/class-wp-customize-section.php' );
    81         require( ABSPATH . WPINC . '/class-wp-customize-control.php' );
    82         require( ABSPATH . WPINC . '/class-wp-customize-widgets.php' );
     78        require_once( ABSPATH . WPINC . '/class-wp-customize-setting.php' );
     79        require_once( ABSPATH . WPINC . '/class-wp-customize-panel.php' );
     80        require_once( ABSPATH . WPINC . '/class-wp-customize-section.php' );
     81        require_once( ABSPATH . WPINC . '/class-wp-customize-control.php' );
     82        require_once( ABSPATH . WPINC . '/class-wp-customize-widgets.php' );
    8383
    8484        $this->widgets = new WP_Customize_Widgets( $this );
     
    400400
    401401    /**
    402      * Decode the $_POST['customized'] values for a specific Customize Setting.
    403      *
    404      * @since 3.4.0
     402     * Parse the incoming $_POST['customized'] JSON data and store the unsanitized
     403     * settings for subsequent post_value() lookups.
     404     *
     405     * @since 4.1.1
     406     *
     407     * @return array
     408     */
     409    public function unsanitized_post_values() {
     410        if ( ! isset( $this->_post_values ) ) {
     411            if ( isset( $_POST['customized'] ) ) {
     412                $this->_post_values = json_decode( wp_unslash( $_POST['customized'] ), true );
     413            }
     414            if ( empty( $this->_post_values ) ) { // if not isset or of JSON error
     415                $this->_post_values = false;
     416            }
     417        }
     418        if ( empty( $this->_post_values ) ) {
     419            return array();
     420        } else {
     421            return $this->_post_values;
     422        }
     423    }
     424
     425    /**
     426     * Return the sanitized value for a given setting from the request's POST data.
     427     *
     428     * @since 3.4.0
     429     * @since 4.1.1 Introduced 'default' parameter.
    405430     *
    406431     * @param WP_Customize_Setting $setting A WP_Customize_Setting derived object
    407      * @return string $post_value Sanitized value
    408      */
    409     public function post_value( $setting ) {
    410         if ( ! isset( $this->_post_values ) ) {
    411             if ( isset( $_POST['customized'] ) )
    412                 $this->_post_values = json_decode( wp_unslash( $_POST['customized'] ), true );
    413             else
    414                 $this->_post_values = false;
    415         }
    416 
    417         if ( isset( $this->_post_values[ $setting->id ] ) )
    418             return $setting->sanitize( $this->_post_values[ $setting->id ] );
     432     * @param mixed $default value returned $setting has no post value (added in 4.2.0).
     433     * @return string|mixed $post_value Sanitized value or the $default provided
     434     */
     435    public function post_value( $setting, $default = null ) {
     436        $post_values = $this->unsanitized_post_values();
     437        if ( array_key_exists( $setting->id, $post_values ) ) {
     438            return $setting->sanitize( $post_values[ $setting->id ] );
     439        } else {
     440            return $default;
     441        }
    419442    }
    420443
Note: See TracChangeset for help on using the changeset viewer.