[wp-trac] [WordPress Trac] #4546: Sanitizing sanitization and filter
invocation
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 26 21:45:59 GMT 2007
#4546: Sanitizing sanitization and filter invocation
----------------------------+-----------------------------------------------
 Reporter:  ryan            |       Owner:  anonymous
     Type:  defect          |      Status:  new
 Priority:  normal          |   Milestone:  2.3 (trunk)
Component:  Administration  |     Version:  2.3
 Severity:  normal          |    Keywords:  filters santize
----------------------------+-----------------------------------------------
I think some better API would help eliminate having to apply filters by
hand in so many places. See #4516, #4050, ...

The term API introduced sanitize_term() and sanitize_term_field() which
sanitize term fields and apply filters based upon the context in which
the term is used. This could be augmented and extended to other objects.
Using terms as an example, ...

Add a 'the' context to sanitize_term() and sanitize_term_field(). 'the'
will trigger the_term_$field and the_$taxonomy_$field filters in addition
to the existing term_$field and $taxonomy_$field filters. We'll need to
map the_$taxonomy_name to the_$taxonomy for back compat.

Add a filter argument to get_term(). If filter is specified, get_term()
will use it to sanitize_term. The cache should store only unfiltered
terms, so filtering should be done after the cache add.

Add a filter option to get_terms(). If a filter is specified, get_terms()
will run sanitize_term() against each fetched term object.

Do the same for posts and other objects. Create sanitize_post() and
sanitize_post_field() and add a filter argument to get_post().

In those places where we have to filter a field by hand, use
sanitize_*_field() to trigger the filters instead of calling apply_filters
directly.
--
Ticket URL: <http://trac.wordpress.org/ticket/4546>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
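
A sketch of the flow the ticket proposes, added here as an example and not WordPress core code or part of the original message. The `sketch_*` functions, the stand-in hook registry, the 'display' context name and the sample term are assumptions made for illustration.

```php
<?php
// Sketch only: a stand-in hook registry, not WordPress's plugin API.
$hooks = [];
function add_hook(string $tag, callable $cb): void {
    global $hooks;
    $hooks[$tag][] = $cb;
}
function run_hooks(string $tag, $value) {
    global $hooks;
    foreach ($hooks[$tag] ?? [] as $cb) {
        $value = $cb($value);
    }
    return $value;
}

// Hypothetical field sanitizer: the context picks which filters fire.
function sketch_sanitize_term_field(string $field, $value, string $taxonomy, string $context) {
    $value = run_hooks("term_{$field}", $value);
    $value = run_hooks("{$taxonomy}_{$field}", $value);
    if ($context === 'the') {
        // The 'the' context adds the template-output filters on top.
        $value = run_hooks("the_term_{$field}", $value);
        $value = run_hooks("the_{$taxonomy}_{$field}", $value);
    }
    return $value;
}

$store = [7 => ['taxonomy' => 'category', 'name' => 'News <b>& Views</b>']]; // constructed row
$cache = [];

// Hypothetical getter: cache the raw term first, filter only the returned copy.
function sketch_get_term(int $id, ?string $filter = null): ?array {
    global $store, $cache;
    if (!isset($cache[$id])) {
        if (!isset($store[$id])) {
            return null;
        }
        $cache[$id] = $store[$id]; // cache add happens before any filtering
    }
    $term = $cache[$id]; // arrays are copied by value, so the cache stays raw
    if ($filter !== null) {
        $term['name'] = sketch_sanitize_term_field('name', $term['name'], $term['taxonomy'], $filter);
    }
    return $term;
}

add_hook('term_name', 'strip_tags');               // fires in every filtered context
add_hook('the_category_name', 'htmlspecialchars'); // fires only in the 'the' context

echo sketch_get_term(7, 'display')['name'], "\n"; // filtered copy, assumed context name
echo sketch_get_term(7, 'the')['name'], "\n";     // also runs the the_* filters
echo $cache[7]['name'], "\n";                     // cached value is still unfiltered
```

Because the cache holds only the unfiltered term, asking for the same term in a second context never applies a filter on top of an already filtered value.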