[wp-trac] [WordPress Trac] #34893: Improve Customizer setting validation model
WordPress Trac
noreply at wordpress.org
Mon Dec 7 20:02:00 UTC 2015
#34893: Improve Customizer setting validation model
-------------------------------------+--------------------------
Reporter: westonruter | Owner: westonruter
Type: enhancement | Status: accepted
Priority: normal | Milestone: 4.5
Component: Customize | Version: 3.4
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses: javascript
-------------------------------------+--------------------------
Comment (by joehoyle):
I agree on wanting to split the validate / sanitization. Validate can
return `true` / `false` and optionally a WP_Error to provide extra
validation feedback to the user. `sanitize` is used to mutate the value to
the correct datatype, be it a safe string, bool, int etc.
I'd imagine you could just call the `validate_callback` in isolation also,
for example, checking an inputs validity on keyup / blur.
@rmccue and myself have discussed for the REST API on Save, whether the
validate callback should be called on the value pre or post sanitize. I
think there's merit to both, depending on the use case, we never came to a
hard decision on that, but core currently calls sanitize before validate.
This means the validator function can deal with "clean" data, and is
concerned with specific validity rather than type checks. For this way
round, the example of posts_per_page is a good one: `sanitize_callback`
calls `absint` on the data passed via POST, and the `validate_callback`
would then `> 0 && < 100`.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34893#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list