#21989: update_option() calls sanitize_option() twice when option does not exist
-------------------------------------------------+-------------------------
Reporter: MikeSchinkel | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future
Component: Options, Meta APIs | Release
Severity: normal | Version:
Keywords: dev-feedback has-patch needs- | Resolution:
testing needs-refresh | Focuses:
-------------------------------------------------+-------------------------
Changes (by dd32):
* version: 4.9.1 =>
Comment:
Removing the version keyword, as it specifically refers to the first
affected version (Which is something 8+ years ago I believe).
While this is a weird bug to run into, it's most definately not urgent
based on the 5 years this ticket has existed without action & few reports.
Unfortunately other than adding a `$already_sanitized` parameter to
`add_option()` as per [attachment:21989.2.diff] I don't really see a
backwards compatible route to take here - and I really don't like the idea
of adding a sanitization bypass parameter in something this low down in
the API.
Very tempted to suggest this as a `wontfix` myself and instead document
this scenario with a warning to cache (on a per-page load basis) any
expensive sanitization lookups.
I don't see an issue with running `intval()` multiple times, but
`wp_remote_post()` on a sanitisation callback seems like it'd be a bit too
heavy not to expect a problem.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21989#comment:20>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform