Opened 17 years ago
Closed 17 years ago
#4546 closed defect (bug) (fixed)
Sanitizing sanitization and filter invocation
Reported by: | ryan | Owned by: | |
---|---|---|---|
Milestone: | 2.3 | Priority: | normal |
Severity: | normal | Version: | 2.3 |
Component: | Administration | Keywords: | filters santize |
Focuses: | Cc: |
Description
I think some better API would help eliminate having to apply filters by hand in so many places. see #4516, #4050, ...
The term API introduced santize_term() and sanitize_term_field() which sanitizes term fields and applies filters based upon the context in which the term is used. This could be augmented and extended to other objects. Using terms as an example, ...
Add a 'the' context to sanitize_term() and sanitize_term_field(). 'the' will trigger the_term_$field and the_$taxonomy_$field filters in addition to the existing term_$field and $taxonomy_$field filters. We'll need to map the_$taxonomy_name to the_$taxonomy for back compat.
Add a filter argument to get_term(). If filter is specified, get_term() will use it to sanitize_term. The cache should store only unfiltered terms, so filtering should be done after the cache add.
Add a filter option to get_terms(). If a filter is specified, get_terms() will run sanitize_term() against each fetched term object.
Do the same for posts and other objects. Create sanitize_post() and sanitize_post_field() and add a filter argument to get_post().
In those places where we have to filter a field by hand, use sanitize_*_field() to trigger the filters instead of calling apply_filters directly.
Post filtering example