Add sanitize_callback param for field

Simplify processing submitted value by removing `sanitize` filter. Do all the sanitization via `value` filter.
wpmetabox · Aug 7, 2019 · e0aa975 · e0aa975
2 parents 2144a36 + 011016b
commit e0aa975
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 27 deletions.
diff --git a/inc/clone.php b/inc/clone.php
@@ -89,8 +89,7 @@ public static function value( $new, $old, $post_id, $field ) {
 
 		foreach ( $new as $key => $value ) {
 			$old_value   = isset( $old[ $key ] ) ? $old[ $key ] : null;
-			$value       = RWMB_Field::call( $field, 'value', $value, $old_value, $post_id );
-			$new[ $key ] = RWMB_Field::filter( 'sanitize', $value, $field );
+			$new[ $key ] = RWMB_Field::call( $field, 'value', $value, $old_value, $post_id );
 		}
 
 		// Remove empty clones.

diff --git a/inc/field.php b/inc/field.php
@@ -246,6 +246,27 @@ public static function esc_meta( $meta ) {
 		return is_array( $meta ) ? array_map( __METHOD__, $meta ) : esc_attr( $meta );
 	}
 
+	/**
+	 * Process the submitted value before saving into the database.
+	 *
+	 * @param mixed $value     The submitted value.
+	 * @param int   $object_id The object ID.
+	 * @param array $field     The field settings.
+	 */
+	public static function process_value( $value, $object_id, $field ) {
+		$old_value = self::call( $field, 'raw_meta', $object_id );
+
+		// Allow field class change the value.
+		if ( $field['clone'] ) {
+			$value = RWMB_Clone::value( $value, $old_value, $object_id, $field );
+		} else {
+			$value = self::call( $field, 'value', $value, $old_value, $object_id );
+		}
+		$value = self::filter( 'value', $value, $field, $old_value, $object_id );
+
+		return $value;
+	}
+
 	/**
 	 * Set value of meta before saving into database.
 	 *
@@ -337,6 +358,8 @@ public static function normalize( $field ) {
 				'required'          => false,
 				'autofocus'         => false,
 				'attributes'        => array(),
+
+				'sanitize_callback' => null,
 			)
 		);
 

diff --git a/inc/loader.php b/inc/loader.php
@@ -96,8 +96,8 @@ public function init() {
 		// Validation module.
 		new RWMB_Validation();
 
-		$sanitize = new RWMB_Sanitizer();
-		$sanitize->init();
+		$sanitizer = new RWMB_Sanitizer();
+		$sanitizer->init();
 
 		$media_modal = new RWMB_Media_Modal();
 		$media_modal->init();

diff --git a/inc/media-modal.php b/inc/media-modal.php
@@ -81,17 +81,9 @@ public function save_fields( $post, $attachment ) {
 		foreach ( $this->fields as $field ) {
 			$key = $field['id'];
 
-			$old = RWMB_Field::call( $field, 'raw_meta', $post['ID'] );
 			$new = isset( $attachment[ $key ] ) ? $attachment[ $key ] : '';
 
-			// Allow field class change the value.
-			if ( $field['clone'] ) {
-				$new = RWMB_Clone::value( $new, $old, $post['ID'], $field );
-			} else {
-				$new = RWMB_Field::call( $field, 'value', $new, $old, $post['ID'] );
-				$new = RWMB_Field::filter( 'sanitize', $new, $field );
-			}
-			$new = RWMB_Field::filter( 'value', $new, $field, $old );
+			$new = RWMB_Field::process_value( $new, $post['ID'], $field );
 
 			// Call defined method to save meta value, if there's no methods, call common one.
 			RWMB_Field::call( $field, 'save', $new, $old, $post['ID'] );

diff --git a/inc/meta-box.php b/inc/meta-box.php
@@ -303,15 +303,7 @@ public function save_field( $field ) {
 		$old    = RWMB_Field::call( $field, 'raw_meta', $this->object_id );
 		// @codingStandardsIgnoreLine
 		$new    = isset( $_POST[ $field['id'] ] ) ? $_POST[ $field['id'] ] : ( $single ? '' : array() );
-
-		// Allow field class change the value.
-		if ( $field['clone'] ) {
-			$new = RWMB_Clone::value( $new, $old, $this->object_id, $field );
-		} else {
-			$new = RWMB_Field::call( $field, 'value', $new, $old, $this->object_id );
-			$new = RWMB_Field::filter( 'sanitize', $new, $field );
-		}
-		$new = RWMB_Field::filter( 'value', $new, $field, $old );
+		$new    = RWMB_Field::process_value( $new, $this->object_id, $field );
 
 		// Filter to allow the field to be modified.
 		$field = RWMB_Field::filter( 'field', $field, $field, $new, $old );

diff --git a/inc/sanitizer.php b/inc/sanitizer.php
@@ -9,13 +9,12 @@
  * Sanitize class.
  */
 class RWMB_Sanitizer {
-
 	/**
 	 * Built-in callbacks for some specific types.
 	 *
 	 * @var array
 	 */
-	protected $callbacks = array(
+	private $callbacks = array(
 		'email'      => 'sanitize_email',
 		'file_input' => 'esc_url_raw',
 		'oembed'     => 'esc_url_raw',
@@ -26,17 +25,34 @@ class RWMB_Sanitizer {
 	 * Register hook to sanitize field value.
 	 */
 	public function init() {
+		add_filter( 'rwmb_value', array( $this, 'run_sanitize_callback' ), 10, 4 );
+
 		// Built-in callback.
 		foreach ( $this->callbacks as $type => $callback ) {
-			add_filter( "rwmb_{$type}_sanitize", $callback );
+			add_filter( "rwmb_{$type}_value", $callback );
 		}
 
 		// Custom callback.
-		$methods = array_diff( get_class_methods( __CLASS__ ), array( 'init' ) );
+		$methods = array_diff( get_class_methods( __CLASS__ ), array( 'init', 'run_sanitize_callback' ) );
 		foreach ( $methods as $method ) {
 			$type = substr( $method, 9 );
-			add_filter( "rwmb_{$type}_sanitize", array( $this, $method ) );
+			add_filter( "rwmb_{$type}_value", array( $this, $method ) );
+		}
+	}
+
+	/**
+	 * Run `sanitize_callback` for each field if it's defined.
+	 *
+	 * @param mixed $value     The submitted new value.
+	 * @param array $field     The field settings.
+	 * @param mixed $old_value The old field value in the database.
+	 * @param int.  $object_id The object ID.
+	 */
+	public function run_sanitize_callback( $value, $field, $old_value, $object_id ) {
+		if ( ! is_callable( $field['sanitize_callback'] ) ) {
+			return $value;
 		}
+		return call_user_func( $field['sanitize_callback'], $value, $old_value, $field, $object_id );
 	}
 
 	/**