/**
 * Sanitize the POST values before we use them.
 *
 * Each key listed below is paired with the callback name that is handed to
 * FrmAppHelper::sanitize_request() together with the values array.
 *
 * NOTE(review): only the keys named in this map are covered here. Any other
 * entry in $values is presumably left as submitted and must be sanitized
 * where it is consumed - confirm against FrmAppHelper::sanitize_request().
 *
 * @since 2.0
 * @param array $values The POST values by reference
 */
public static function sanitize_entry_post(&$values) {
    // Key => sanitizing callback, in the same order as before.
    $callbacks_by_key = array(
        'form_id'          => 'absint',
        'frm_action'       => 'sanitize_title',
        'form_key'         => 'sanitize_title',
        'item_key'         => 'sanitize_title',
        'item_name'        => 'sanitize_text_field',
        'frm_saving_draft' => 'absint',
        'is_draft'         => 'absint',
        'post_id'          => 'absint',
        'parent_item_id'   => 'absint',
        'created_at'       => 'sanitize_text_field',
        'updated_at'       => 'sanitize_text_field',
    );

    FrmAppHelper::sanitize_request($callbacks_by_key, $values);
}
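/**
 * Checks that sanitize_request() applies the callback mapped to each key.
 *
 * The expected value for every key is computed from an untouched copy of the
 * input. Comparing the sanitized value with a second sanitization of itself
 * would only show that the callback is idempotent, and with a loose
 * comparison an unsanitized string can still equal absint()'s 0 on older
 * PHP versions. A second assertion therefore checks directly that no
 * script tag survived.
 *
 * @covers FrmAppHelper::sanitize_request
 */
function test_sanitize_request() {
    // Raw input, kept unmodified so expectations never depend on the result.
    $raw = array(
        'form_id'    => '<script></script>12',
        'frm_action' => '<script></script>create me',
        'form_key'   => '<script></script>This is a <b>text</b> field',
        'content'    => '<script></script>This is a <b>text</b> field',
    );

    $sanitize_method = array(
        'form_id'    => 'absint',
        'frm_action' => 'sanitize_title',
        'form_key'   => 'sanitize_text_field',
        'content'    => 'wp_kses_post',
    );

    // sanitize_request() takes the values by reference, so work on a copy.
    $values = $raw;
    FrmAppHelper::sanitize_request($sanitize_method, $values);

    foreach ($sanitize_method as $key => $callback) {
        $expected = call_user_func($callback, $raw[$key]);

        $this->assertEquals(
            $expected,
            $values[$key],
            "'{$key}' was not sanitized with {$callback}"
        );

        // strpos() returns false only when the needle is absent; assertFalse
        // is strict, so a match at offset 0 still fails the test.
        $this->assertFalse(
            strpos((string) $values[$key], '<script'),
            "'{$key}' still contains a script tag after sanitizing"
        );
    }
}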