| public validate_setting_values ( array $setting_values, array $options = [] ) : array | ||
| $setting_values | array | Mapping of setting IDs to values to validate and sanitize. |
| $options | array | { Options. @type bool $validate_existence Whether a setting's existence will be checked. @type bool $validate_capability Whether the setting capability will be checked. } |
| return | array | Mapping of setting IDs to return value of validate method calls, either `true` or `WP_Error`. |
public function validate_setting_values($setting_values, $options = array())
{
$options = wp_parse_args($options, array('validate_capability' => false, 'validate_existence' => false));
$validities = array();
foreach ($setting_values as $setting_id => $unsanitized_value) {
$setting = $this->get_setting($setting_id);
if (!$setting) {
if ($options['validate_existence']) {
$validities[$setting_id] = new WP_Error('unrecognized', __('Setting does not exist or is unrecognized.'));
}
continue;
}
if ($options['validate_capability'] && !current_user_can($setting->capability)) {
$validity = new WP_Error('unauthorized', __('Unauthorized to modify setting due to capability.'));
} else {
if (is_null($unsanitized_value)) {
continue;
}
$validity = $setting->validate($unsanitized_value);
}
if (!is_wp_error($validity)) {
/** This filter is documented in wp-includes/class-wp-customize-setting.php */
$late_validity = apply_filters("customize_validate_{$setting->id}", new WP_Error(), $unsanitized_value, $setting);
if (!empty($late_validity->errors)) {
$validity = $late_validity;
}
}
if (!is_wp_error($validity)) {
$value = $setting->sanitize($unsanitized_value);
if (is_null($value)) {
$validity = false;
} elseif (is_wp_error($value)) {
$validity = $value;
}
}
if (false === $validity) {
$validity = new WP_Error('invalid_value', __('Invalid value.'));
}
$validities[$setting_id] = $validity;
}
return $validities;
} /**
* Test WP_Customize_Manager::validate_setting_values().
*
* @see WP_Customize_Manager::validate_setting_values()
*/
function test_validate_setting_values()
{
$default_value = 'foo_default';
$setting = $this->manager->add_setting('foo', array('validate_callback' => array($this, 'filter_customize_validate_foo'), 'sanitize_callback' => array($this, 'filter_customize_sanitize_foo')));
$post_value = 'bar';
$this->manager->set_post_value('foo', $post_value);
$this->assertEmpty($this->manager->validate_setting_values($this->manager->unsanitized_post_values()));
$this->manager->set_post_value('foo', 'return_wp_error_in_sanitize');
$invalid_settings = $this->manager->validate_setting_values($this->manager->unsanitized_post_values());
$this->assertCount(1, $invalid_settings);
$this->assertArrayHasKey($setting->id, $invalid_settings);
$this->assertInstanceOf('WP_Error', $invalid_settings[$setting->id]);
$error = $invalid_settings[$setting->id];
$this->assertEquals('invalid_value_in_sanitize', $error->get_error_code());
$this->assertEquals(array('source' => 'filter_customize_sanitize_foo'), $error->get_error_data());
$this->manager->set_post_value('foo', 'return_null_in_sanitize');
$invalid_settings = $this->manager->validate_setting_values($this->manager->unsanitized_post_values());
$this->assertCount(1, $invalid_settings);
$this->assertArrayHasKey($setting->id, $invalid_settings);
$this->assertInstanceOf('WP_Error', $invalid_settings[$setting->id]);
$this->assertNull($invalid_settings[$setting->id]->get_error_data());
$post_value = '<script>evil</script>';
$this->manager->set_post_value('foo', $post_value);
$invalid_settings = $this->manager->validate_setting_values($this->manager->unsanitized_post_values());
$this->assertCount(1, $invalid_settings);
$this->assertArrayHasKey($setting->id, $invalid_settings);
$this->assertInstanceOf('WP_Error', $invalid_settings[$setting->id]);
$error = $invalid_settings[$setting->id];
$this->assertEquals('invalid_value_in_validate', $error->get_error_code());
$this->assertEquals(array('source' => 'filter_customize_validate_foo'), $error->get_error_data());
}
