WordPress.org

Make WordPress Core

Opened 22 months ago

Last modified 7 months ago

#43019 new enhancement

Hook to validate post form data before save

Reported by: henry.wright Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: General Keywords: has-patch needs-testing
Focuses: Cc:
PR Number:

Description

There doesn't seem to be a hook available to validate form data before a post is saved. In my case I'm considering using JavaScript to validate the post title, content and meta but would prefer to do this validation server side.

Can we add a hook?

Attachments (2)

43019.diff (535 bytes) - added by danieltj 22 months ago.
Pre insert post hook
43019.2.diff (832 bytes) - added by henry.wright 22 months ago.

Download all attachments as: .zip

Change History (11)

#1 @danieltj
22 months ago

  • Keywords reporter-feedback added

I'm just curious, but why do you need to validate those fields prior to saving as that already happens on post save? Having said that, there is a hook called pre_post_update that is run when something is updated, although not when something is saved for the first time mind you.

Useful links for this hook:

  1. https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/post.php#L3371
  2. https://developer.wordpress.org/reference/hooks/pre_post_update/

There are some filter hooks you could use though within the wp_insert_post function if you wanted to check data that is submitted, but like I said; it's validated when run through the function.

If you're wanting to validate custom meta data for a post, you can still use the save_post hook and do your own custom validation there but it depends on your use case as to whether that's helpful or not.

#2 @henry.wright
22 months ago

  • Keywords reporter-feedback removed

Hi @danieltj

I'm just curious, but why do you need to validate those fields prior to saving as that already happens on post save?

Perhaps I should have been more clear. A hook will allow for custom validation to be done. If WordPress validates already then that's great but the key word here is custom.

Having said that, there is a hook called pre_post_update that is run when something is updated

As you mentioned in your comment, the pre_post_update hook will execute only if $update evaluates to true. The hook I'm requesting should apply also to new posts.

If you're wanting to validate custom meta data for a post, you can still use the save_post hook and do your own custom validation there but it depends on your use case as to whether that's helpful or not.

save_post is executed after the post has been saved. This won't be helpful if you need to perform custom validation before the post is added to the database.

#3 @danieltj
22 months ago

  • Keywords has-patch added

Fair enough - I'm all for adding in extra hooks - I was just curious the use-case for it. I'll add a patch for a proposed hook, not sure if anything else is needed apart from the post data being passed through it.

@danieltj
22 months ago

Pre insert post hook

#4 @henry.wright
22 months ago

Thanks for the diff @danieltj

I think we should provide a way of bailing early if the data isn't valid. Please see the incoming 43019.2.diff. Grateful for your thoughts

#5 @johnbillion
22 months ago

  • Keywords ux-feedback needs-testing added

Thanks for the patch. What does the user journey look like if the data that they've entered is considered invalid? Do they see a generic error message stating "The data supplied isn't valid"? Are the fields repopulated with their invalid data or does their data get lost?

Screenshots or a very short screencast could help.

#6 @henry.wright
22 months ago

Thanks John for the feedback.

The user journey isn't very good with my patch 43019.2.diff. They will see the generic error message you mentioned. I think the patch could be fleshed out to allow the callback to return a custom error message.

I believe currently the field data is lost if it's invalid. I think this should also be changed.

#7 @foresmac
17 months ago

This would be super useful. Maybe the way to do it is to have the callback return an array of WP_Error for each custom field that fails validation? If it's empty, then there are no custom field errors.

This ticket was mentioned in Slack in #design by karmatosed. View the logs.


7 months ago

#9 @karmatosed
7 months ago

  • Keywords ux-feedback removed

I am removing ux-feedback as a keyword because this doesn't need the design team to give feedback right now. This was discussed in this week's design triage meeting.

Note: See TracTickets for help on using tickets.