

Timestamp:
06/16/2014 07:23:57 PM (10 years ago)
Author:
boonebgorges
Message:

Don't use extract() in xprofile_insert_field()

This one was particularly heinous.

See #5698

File:
1 edited

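--- a/trunk/src/bp-xprofile/bp-xprofile-functions.php
+++ b/trunk/src/bp-xprofile/bp-xprofile-functions.php
@@ -121,5 +121,5 @@
  *     @type bool $can_delete Optional. Whether admins can delete this field in
  *           the Dashboard interface. Generally this is true only for the Name
- *           field, which is required throughout BP. Default: false.
+ *           field, which is required throughout BP. Default: true.
  *     @type string $order_by Optional. For field types that support options
  *           (such as 'radio'), this flag determines whether the sort order of
@@ -136,51 +136,76 @@
     global $bp;
 
-    extract( $args );
-
-    // Check we have the minimum details
-    if ( empty( $field_group_id ) )
-        return false;
+    $r = wp_parse_args( $args, array(
+        'field_id' => null,
+        'field_group_id' => null,
+        'parent_id' => null,
+        'type' => '',
+        'name' => '',
+        'description' => '',
+        'is_required' => false,
+        'can_delete' => true,
+        'order_by' => '',
+        'is_default_option' => false,
+        'option_order' => null,
+    ) );
+
+    // field_group_id is required
+    if ( empty( $r['field_group_id'] ) ) {
+        return false;
+    }
 
     // Check this is a valid field type
-    if ( !in_array( $type, (array) $bp->profile->field_types ) )
-        return false;
+    if ( ! in_array( $r['type'], (array) $bp->profile->field_types ) ) {
+        return false;
+    }
 
     // Instantiate a new field object
-    if ( !empty( $field_id ) )
-        $field = new BP_XProfile_Field( $field_id );
-    else
+    if ( ! empty( $r['field_id'] ) ) {
+        $field = new BP_XProfile_Field( $r['field_id'] );
+    } else {
         $field = new BP_XProfile_Field;
-
-    $field->group_id = $field_group_id;
-
-    if ( !empty( $parent_id ) )
-        $field->parent_id = $parent_id;
-
-    if ( !empty( $type ) )
-        $field->type = $type;
-
-    if ( !empty( $name ) )
-        $field->name = $name;
-
-    if ( !empty( $description ) )
-        $field->description = $description;
-
-    if ( !empty( $is_required ) )
-        $field->is_required = $is_required;
-
-    if ( !empty( $can_delete ) )
-        $field->can_delete = $can_delete;
-
-    if ( !empty( $field_order ) )
-        $field->field_order = $field_order;
-
-    if ( !empty( $order_by ) )
-        $field->order_by = $order_by;
-
-    if ( !empty( $is_default_option ) )
-        $field->is_default_option = $is_default_option;
-
-    if ( !empty( $option_order ) )
-        $field->option_order = $option_order;
+    }
+
+    $field->group_id = $r['field_group_id'];
+
+    if ( ! empty( $r['parent_id'] ) ) {
+        $field->parent_id = $r['parent_id'];
+    }
+
+    if ( ! empty( $r['type'] ) ) {
+        $field->type = $r['type'];
+    }
+
+    if ( ! empty( $r['name'] ) ) {
+        $field->name = $r['name'];
+    }
+
+    if ( ! empty( $r['description'] ) ) {
+        $field->description = $r['description'];
+    }
+
+    if ( ! empty( $r['is_required'] ) ) {
+        $field->is_required = $r['is_required'];
+    }
+
+    if ( ! empty( $r['can_delete'] ) ) {
+        $field->can_delete = $r['can_delete'];
+    }
+
+    if ( ! empty( $r['field_order'] ) ) {
+        $field->field_order = $r['field_order'];
+    }
+
+    if ( ! empty( $r['order_by'] ) ) {
+        $field->order_by = $r['order_by'];
+    }
+
+    if ( ! empty( $r['is_default_option'] ) ) {
+        $field->is_default_option = $r['is_default_option'];
+    }
+
+    if ( ! empty( $r['option_order'] ) ) {
+        $field->option_order = $r['option_order'];
+    }
 
     return $field->save();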
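Review bot: The new `'can_delete' => true` default, combined with the `! empty( $r['can_delete'] )` guard further down, means `$field->can_delete` is now assigned `true` whenever the caller omits the key, where the old `extract()` code left the object untouched. If `new BP_XProfile_Field( $r['field_id'] )` loads the stored field, as the name suggests but the hunk does not show, updating a protected field without passing `can_delete` would make it deletable. The `! empty()` guards also still drop explicit falsy values, so `'can_delete' => false` or `'is_required' => false` can never be applied; defaulting those keys to `null` and assigning with `if ( null !== $r['can_delete'] ) { $field->can_delete = (bool) $r['can_delete']; }` would cover both cases. Separately, `$r['field_order']` is read but is missing from the `wp_parse_args()` defaults; adding `'field_order' => null,` keeps every accepted key listed in one place. The function signature and the rest of the docblock lie outside the visible hunks.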