/**
* Sanitize a request argument based on details registered to the route.
*
* @param mixed $value
* @param WP_REST_Request $request
* @param string $param
* @return mixed
*/
function rest_sanitize_request_arg($value, $request, $param)
{
$attributes = $request->get_attributes();
if (!isset($attributes['args'][$param]) || !is_array($attributes['args'][$param])) {
return $value;
}
$args = $attributes['args'][$param];
if ('integer' === $args['type']) {
return (int) $value;
}
if ('boolean' === $args['type']) {
return rest_sanitize_boolean($value);
}
if (isset($args['format'])) {
switch ($args['format']) {
case 'date-time':
return sanitize_text_field($value);
case 'email':
/*
* sanitize_email() validates, which would be unexpected
*/
return sanitize_text_field($value);
case 'uri':
return esc_url_raw($value);
case 'ipv4':
return sanitize_text_field($value);
}
}
return $value;
}
/**
* Sanitize a value based on a schema.
*
* @param mixed $value The value to sanitize.
* @param array $args Schema array to use for sanitization.
* @return true|WP_Error
*/
function rest_sanitize_value_from_schema($value, $args)
{
if ('array' === $args['type']) {
if (empty($args['items'])) {
return (array) $value;
}
if (!is_array($value)) {
$value = preg_split('/[\\s,]+/', $value);
}
foreach ($value as $index => $v) {
$value[$index] = rest_sanitize_value_from_schema($v, $args['items']);
}
return $value;
}
if ('integer' === $args['type']) {
return (int) $value;
}
if ('number' === $args['type']) {
return (double) $value;
}
if ('boolean' === $args['type']) {
return rest_sanitize_boolean($value);
}
if (isset($args['format'])) {
switch ($args['format']) {
case 'date-time':
return sanitize_text_field($value);
case 'email':
/*
* sanitize_email() validates, which would be unexpected.
*/
return sanitize_text_field($value);
case 'uri':
return esc_url_raw($value);
case 'ipv4':
return sanitize_text_field($value);
}
}
return $value;
}
