WordPress.org

Make WordPress Core

Changes between Version 4 and Version 5 of Ticket #50244, comment 2


Ignore:
Timestamp:
05/27/2020 01:24:53 PM (3 months ago)
Author:
zieladam
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #50244, comment 2

    v4 v5  
    11One of the conclusions from the Slack chat was that the REST API already uses separate functions to validate and store the data, and so it should be fairly straightforward to reuse these functions to validate the entire batch input before persisting anything.
    22
    3 Today I have been looking into flagging any place in the menu items controller that's doing the validation outside of `validate_callback`. I found the validation and sanitization are implemented all at once in [[https://github.com/WordPress/gutenberg/blob/2881f84896cace4cc1828774c8e09252d9e67e39/lib/class-wp-rest-menu-items-controller.php#L303|prepare_item_for_database]] and there are no separate `validate_callback` methods for each property.
     3Today I have been looking into flagging any place in the menu items controller that's doing the validation outside of `validate_callback`. I found the validation and sanitization are implemented all at once in [[https://github.com/WordPress/gutenberg/blob/2881f84896cace4cc1828774c8e09252d9e67e39/lib/class-wp-rest-menu-items-controller.php#L303|prepare_item_for_database]] and that `validate_callback` method is not used for any property at all.
    44
    55This follows the pattern from [[https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php#L2210|WP_REST_Posts_Controller]] which does the exact same thing. The same is true for [[https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php|WP_REST_Comments_Controller]], [[https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php| WP_REST_Attachments_Controller]], and potentially a lot of open source classes inheriting from any of these.