[wp-trac] [WordPress Trac] #25023: WordPress 3.6 deleting data on custom post meta
WordPress Trac
noreply at wordpress.org
Wed Aug 28 21:17:46 UTC 2013
#25023: WordPress 3.6 deleting data on custom post meta
----------------------------+--------------------
Reporter: cdwharton | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.6.1
Component: Administration | Version: 3.6
Severity: critical | Resolution:
Keywords: |
----------------------------+--------------------
Comment (by WraithKenny):
Replying to [comment:30 c3mdigital]:
> Sounds like we need a refresher post on the dev blog to remind on how to
save postmeta.
I think what we need is a better hook then 'save_post' for saving custom
post meta (that checks automatically for things like autosave/revisions,
and has distinct hooks for post types, and doesn't run more then once,
maybe checks a default nonce or for an empty $_post), and replacing the
codex examples. (maybe 'save_edit_screen_meta_boxes' and
"save_{$post_type)_meta_boxes" or something, but that's for another
ticket, I suppose.)
It would make new plugin code less fragile.
Back to the bug, the example code fails to check for Nonce, doesn't check
for revision, doesn't sanitize or validate data... seems like a very rare
edge-case. Plenty example code out there leaves out some checks, but all
of that? I don't think it's worth fixing.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/25023#comment:32>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list