Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-01-09 18:08:09 +01:00
Code Issues Projects Releases Wiki Activity

Customize: Reverse order of setting sanitization/validation, validating prior to sanitizing.

Browse Source 
Reverses order where sanitization was being applied before validation originally in accordance with REST API logic.

Props westonruter, schlessera.
See #34893.
See #37192.
Fixes #37247.

Built from https://develop.svn.wordpress.org/trunk@37942


git-svn-id: http://core.svn.wordpress.org/trunk@37883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Weston Ruter 2016-07-02 18:39:30 +00:00
parent 20b329ba08
commit 318fec4dcd
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
wp-includes/class-wp-customize-manager.php
View File

@ -670,14 +670,15 @@ final class WP_Customize_Manager {
if ( ! array_key_exists( $setting->id, $post_values ) ) { if ( ! array_key_exists( $setting->id, $post_values ) ) {
return $default; return $default;
} }
$value = $setting->sanitize( $post_values[ $setting->id ] ); $value = $post_values[ $setting->id ];
if ( is_null( $value ) || is_wp_error( $value ) ) {
return $default;
}
$valid = $setting->validate( $value ); $valid = $setting->validate( $value );
if ( is_wp_error( $valid ) ) { if ( is_wp_error( $valid ) ) {
return $default; return $default;
} }
$value = $setting->sanitize( $value );
if ( is_null( $value ) || is_wp_error( $value ) ) {
return $default;
}
return $value; return $value;
} }
@ -1007,8 +1008,16 @@ final class WP_Customize_Manager {
if ( ! $setting || is_null( $unsanitized_value ) ) { if ( ! $setting || is_null( $unsanitized_value ) ) {
continue; continue;
} }
$validity = $setting->validate( $setting->sanitize( $unsanitized_value ) ); $validity = $setting->validate( $unsanitized_value );
if ( false === $validity || null === $validity ) { if ( ! is_wp_error( $validity ) ) {
$value = $setting->sanitize( $unsanitized_value );
if ( is_null( $value ) ) {
$validity = false;
} elseif ( is_wp_error( $value ) ) {
$validity = $value;
}
}
if ( false === $validity ) {
$validity = new WP_Error( 'invalid_value', __( 'Invalid value.' ) ); $validity = new WP_Error( 'invalid_value', __( 'Invalid value.' ) );
} }
$validities[ $setting_id ] = $validity; $validities[ $setting_id ] = $validity;

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.6-beta1-37941'; $wp_version = '4.6-beta1-37942';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.