public function test_empty_field_with_empty_object_id() { $field = new CMB2_Field(array('field_args' => $this->field_args)); // data should be empty since we have no object id $this->assertEmpty($field->get_data()); // add some xss for good measure $dirty_val = 'test<html><stuff><script>xss</script><a href="http://xssattackexamples.com/">Click to Download</a>'; $cleaned_val = sanitize_text_field($dirty_val); // Make sure it sanitizes as expected $this->assertEquals($cleaned_val, $field->sanitization_cb($dirty_val)); // Sanitize/store the field $this->assertTrue($field->save_field($dirty_val)); // Retrieve saved value(s) $this->assertEquals($cleaned_val, cmb2_options(0)->get($field->id())); $this->assertEquals(array('test_test' => $cleaned_val), cmb2_options(0)->get_options()); }
/** * Process and save a field * @since 2.0.0 * @param array $field_args Array of field arguments */ public function process_field($field_args) { switch ($field_args['type']) { case 'group': $this->save_group($field_args); break; case 'title': // Don't process title fields break; default: // Save default fields $field = new CMB2_Field(array('field_args' => $field_args, 'object_type' => $this->object_type(), 'object_id' => $this->object_id())); if ($field->save_field($this->data_to_save)) { $this->updated[] = $field->id(); } break; } }
/** * Loops through and saves field data * @since 1.0.0 * @param int $object_id Object ID * @param string $object_type Type of object being saved. (e.g., post, user, or comment) */ public function save_fields($object_id = 0, $object_type = '', $_post) { $object_id = $this->object_id($object_id); $object_type = $this->object_type($object_type); $this->prop('show_on', array('key' => false, 'value' => false)); // save field ids of those that are updated $this->updated = array(); foreach ($this->prop('fields') as $field_args) { if ('group' == $field_args['type']) { $this->save_group($field_args); } elseif ('title' == $field_args['type']) { // Don't process title fields continue; } else { // Save default fields $field = new CMB2_Field(array('field_args' => $field_args, 'object_type' => $object_type, 'object_id' => $object_id)); $field->save_field($_post); } } // If options page, save the updated options if ($object_type == 'options-page') { cmb2_options($object_id)->set(); } /** * Fires after all fields have been saved. * * The dynamic portion of the hook name, $object_type, refers to the metabox/form's object type * Usually `post` (this applies to all post-types). * Could also be `comment`, `user` or `options-page`. * * @param int $object_id The ID of the current object * @param array $cmb_id The current box ID * @param string $updated All fields that were updated. * Will only include fields that had values change. * @param array $cmb This CMB2 object */ do_action("cmb2_save_{$object_type}_fields", $object_id, $this->cmb_id, $this->updated, $this); }