WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

#4546 closed defect (bug) (fixed)

Sanitizing sanitization and filter invocation

Reported by: ryan Owned by:
Milestone: 2.3 Priority: normal
Severity: normal Version: 2.3
Component: Administration Keywords: filters santize
Focuses: Cc:

Description

I think some better API would help eliminate having to apply filters by hand in so many places. see #4516, #4050, ...

The term API introduced santize_term() and sanitize_term_field() which sanitizes term fields and applies filters based upon the context in which the term is used. This could be augmented and extended to other objects. Using terms as an example, ...

Add a 'the' context to sanitize_term() and sanitize_term_field(). 'the' will trigger the_term_$field and the_$taxonomy_$field filters in addition to the existing term_$field and $taxonomy_$field filters. We'll need to map the_$taxonomy_name to the_$taxonomy for back compat.

Add a filter argument to get_term(). If filter is specified, get_term() will use it to sanitize_term. The cache should store only unfiltered terms, so filtering should be done after the cache add.

Add a filter option to get_terms(). If a filter is specified, get_terms() will run sanitize_term() against each fetched term object.

Do the same for posts and other objects. Create sanitize_post() and sanitize_post_field() and add a filter argument to get_post().

In those places where we have to filter a field by hand, use sanitize_*_field() to trigger the filters instead of calling apply_filters directly.

Attachments (2)

post_filter.diff (7.2 KB) - added by ryan 8 years ago.
Post filtering example
sanitize_and_filter.diff (19.4 KB) - added by ryan 8 years ago.
Add sanitize_bookmark_field; cleanup default filters

Download all attachments as: .zip

Change History (7)

@ryan8 years ago

Post filtering example

comment:1 @ryan8 years ago

Patch introduces sanitize_post() and sanitize_post_field() and adds a filter option to get_post().

comment:2 @ryan8 years ago

(In [5796]) Post filter rework. see #4546

@ryan8 years ago

Add sanitize_bookmark_field; cleanup default filters

comment:3 @ryan8 years ago

Patch adds some bookmark sanitization API and cleans up default filters.

comment:4 @ryan8 years ago

(In [5906]) bookmark sanitizer funcs and default filter cleanup. see #4546

comment:5 @ryan8 years ago

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.