[wp-trac] [WordPress Trac] #38553: Posts Controller handle_terms throws warning

WordPress Trac noreply at wordpress.org
Sun Oct 30 01:42:15 UTC 2016 

#38553: Posts Controller handle_terms throws warning
--------------------------------------+--------------------
 Reporter:  timmydcrawford            |       Owner:
     Type:  defect (bug)              |      Status:  new
 Priority:  normal                    |   Milestone:  4.7
Component:  REST API                  |     Version:  trunk
 Severity:  normal                    |  Resolution:
 Keywords:  has-patch has-unit-tests  |     Focuses:
--------------------------------------+--------------------

Comment (by ChopinBach):

 Replying to [comment:6 jnylen0]:
 > Other things we should think about (in separate tickets):
 >
 > - How can we expose the schema information about what type(s) each
 argument accepts?  Currently it's not visible in the discovery response,
 the documentation, or the code (at least, not immediately obvious to me).

 I agree that each argument's type should be exposed in the discovery
 process, so that you can do validation client side. For taxonomy term
 settings for a post they are exposed in the discovery under the `schema`
 portion. Every non-readonly element in the schema is translated to an
 argument for create/update
 requests via `WP_REST_Controller::get_endpoint_args_for_item_schema()`.

 > - Are there other array inputs that should get similar treatment?  Let's
 be consistent about the way we handle these if possible.

 The main array parameters we have are the various `include`, `exclude`
 params and the `roles` param. The `include`/`exclude` params are supposed
 to be an array of ids and currently use the `wp_parse_id_list` as their
 `sanitize_callback`, without a `validate_callback`, to support arrays and
 csv lists.

 After reviewing our code some more, I believe I came across the actual
 root cause of the problem. Around line 1776 in the post controller, we
 need to add `arg_options => array( 'sanitize_callback' =>
 'wp_parse_id_list' )` to the schema, making it consistent with how other
 id lists are handled. This way on create and update requests we will auto
 sanitize our request arguments. Then the terms line can be changed to
 `$terms = $request[ $base ]`, or just replace the reference to `$terms`
 entirely. I think that would work, but haven't tested.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/38553#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list