Skip to:
Content

BuddyPress.org

Changeset 9719


Ignore:
Timestamp:
04/07/2015 02:58:30 PM (4 years ago)
Author:
johnjamesjacoby
Message:

XProfile: sanitize field-options on save.

Because field options can be passed either as arrays or strings depending on the field-type (think checkbox vs. radio) helper functions are necessary to determine the appropriate methodology.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-xprofile/bp-xprofile-filters.php

    r9681 r9719  
    6969add_filter( 'xprofile_field_option_order_before_save', 'absint' );
    7070add_filter( 'xprofile_field_can_delete_before_save',   'absint' );
     71
     72// Save field options
     73add_filter( 'xprofile_field_options_before_save', 'bp_xprofile_sanitize_field_options' );
     74add_filter( 'xprofile_field_default_before_save', 'bp_xprofile_sanitize_field_default' );
     75
     76/**
     77 * Sanitize each field option name for saving to the database
     78 *
     79 * @since BuddyPress (2.3.0)
     80 *
     81 * @param  mixed $field_options
     82 * @return mixed
     83 */
     84function bp_xprofile_sanitize_field_options( $field_options = '' ) {
     85    if ( is_array( $field_options ) ) {
     86        return array_map( 'sanitize_text_field', $field_options );
     87    } else {
     88        return sanitize_text_field( $field_options );
     89    }
     90}
     91
     92/**
     93 * Sanitize each field option default for saving to the database
     94 *
     95 * @since BuddyPress (2.3.0)
     96 *
     97 * @param  mixed $field_default
     98 * @return mixed
     99 */
     100function bp_xprofile_sanitize_field_default( $field_default = '' ) {
     101    if ( is_array( $field_default ) ) {
     102        return array_map( 'intval', $field_default );
     103    } else {
     104        return intval( $field_default );
     105    }
     106}
    71107
    72108/**
Note: See TracChangeset for help on using the changeset viewer.