/**
* Validate and sanitize any submitted data. Used when editing the definition for
* this type of element. Default behavior here is require only a unique name and
* label. Override this if customized validation is required: usually you'll want
* to override and still reference the parent:
* public function save_definition_filter($posted_data) {
* $posted_data = parent::save_definition_filter($posted_data);
* // your code here...
* return $posted_data;
* }
*
*
* into the field values.
*
* @param array $posted_data = $_POST data
* @return array filtered field_data that can be saved OR can be safely repopulated
*/
public function save_definition_filter($posted_data)
{
if (empty($posted_data['name'])) {
$this->errors['name'][] = __('Name is required.', CCTM_TXTDOMAIN);
} else {
// Are there any invalid characters? 1st char. must be a letter (req'd for valid prop/func names)
if (!preg_match('/^[a-z]{1}[a-z_0-9]*$/i', $posted_data['name'])) {
$this->errors['name'][] = sprintf(__('%s contains invalid characters. The name may only contain letters, numbers, and underscores, and it must begin with a letter.', CCTM_TXTDOMAIN), '<strong>' . $posted_data['name'] . '</strong>');
$posted_data['name'] = preg_replace('/[^a-z_0-9]/', '', $posted_data['name']);
}
// Is the name too long?
if (strlen($posted_data['name']) > 255) {
$posted_data['name'] = substr($posted_data['name'], 0, 255);
$this->errors['name'][] = __('The name is too long. Names must not exceed 255 characters.', CCTM_TXTDOMAIN);
}
// Run into any reserved words?
if (in_array($posted_data['name'], CCTM::$reserved_field_names)) {
$this->errors['name'][] = sprintf(__('%s is a reserved name.', CCTM_TXTDOMAIN), '<strong>' . $posted_data['name'] . '</strong>');
$posted_data['name'] = '';
}
// it's a CREATE operation
if (empty($this->original_name)) {
if (isset(CCTM::$data['custom_field_defs']) && is_array(CCTM::$data['custom_field_defs'])) {
foreach (CCTM::$data['custom_field_defs'] as $cf => $def) {
if (strtolower($posted_data['name']) == strtolower($cf)) {
$this->errors['name'][] = sprintf(__('The name %s is already in use. Please choose another name.', CCTM_TXTDOMAIN), '<em>' . $posted_data['name'] . '</em>');
}
}
}
} elseif ($this->original_name != $posted_data['name']) {
if (isset(CCTM::$data['custom_field_defs']) && is_array(CCTM::$data['custom_field_defs'])) {
if (strtolower($posted_data['name']) == strtolower($cf)) {
$this->errors['name'][] = sprintf(__('The name %s is already in use. Please choose another name.', CCTM_TXTDOMAIN), '<em>' . $posted_data['name'] . '</em>');
}
$posted_data['name'] = '';
}
}
}
// You may need to do this for any textarea fields. Saving a '</textarea>' tag
// in your description field can wreak everything.
if (!empty($posted_data['description'])) {
$posted_data['description'] = strip_tags($posted_data['description'], CCTM::$allowed_html_tags);
}
$posted_data = CCTM::striptags_deep($posted_data);
// WP always quotes data (!!!), so we don't bother checking get_magic_quotes_gpc et al.
// See this: http://kovshenin.com/archives/wordpress-and-magic-quotes/
$posted_data = CCTM::stripslashes_deep($posted_data);
//return $posted_data; // simplifiying immutable
foreach ($this->immutable as $x) {
if (isset($this->props[$x])) {
$posted_data[$x] = $this->props[$x];
} else {
$posted_data[$x] = '';
}
}
return $posted_data;
// Apply immutable properties, and return filtered data
//return array_merge($posted_data, $this->immutable);
}
/**
* Everything when creating a new post type must be filtered here.
*
* Problems with:
* hierarchical
* rewrite_with_front
*
* This is janky... sorta doesn't work how it's supposed when combined with save_post_type_settings().
*
*
* @param mixed $raw unsanitized $_POST data
* @return mixed filtered $_POST data (only white-listed are passed thru to output)
*/
public static function sanitize_post_type_def($raw)
{
$sanitized = array();
unset($raw['custom_content_type_mgr_create_new_content_type_nonce']);
unset($raw['custom_content_type_mgr_edit_content_type_nonce']);
$raw = CCTM::striptags_deep($raw);
// WP always adds slashes: see http://kovshenin.com/archives/wordpress-and-magic-quotes/
$raw = CCTM::stripslashes_deep($raw);
// Handle unchecked checkboxes
if (empty($raw['cctm_hierarchical_custom'])) {
$sanitized['cctm_hierarchical_custom'] = '';
}
if (empty($raw['cctm_hierarchical_includes_drafts'])) {
$sanitized['cctm_hierarchical_includes_drafts'] = '';
}
if (empty($raw['cctm_hierarchical_post_types'])) {
$sanitized['cctm_hierarchical_post_types'] = array();
}
if (!isset($raw['cctm_custom_columns_enabled'])) {
$sanitized['cctm_custom_columns_enabled'] = 0;
}
if (!isset($raw['cctm_enable_right_now'])) {
$sanitized['cctm_enable_right_now'] = 0;
}
// This will be empty if no "supports" items are checked.
if (!empty($raw['supports'])) {
$sanitized['supports'] = $raw['supports'];
unset($raw['supports']);
} else {
$sanitized['supports'] = array();
}
if (!empty($raw['taxonomies'])) {
$sanitized['taxonomies'] = $raw['taxonomies'];
} else {
// do this so this will take precedence when you merge the existing array with the new one in the save_post_type_settings() function.
$sanitized['taxonomies'] = array();
}
// You gotta unset arrays if you want the foreach thing below to work.
unset($raw['taxonomies']);
// Temporary thing... ????
unset($sanitized['rewrite_slug']);
// The main event
// We grab everything except stuff that begins with '_', then override specific $keys as needed.
foreach ($raw as $key => $value) {
if (!preg_match('/^_.*/', $key)) {
$sanitized[$key] = CCTM::get_value($raw, $key);
}
}
// Specific overrides below:
$sanitized['description'] = strip_tags($raw['description']);
// post_type is the only required field
$sanitized['post_type'] = CCTM::get_value($raw, 'post_type');
$sanitized['post_type'] = strtolower($sanitized['post_type']);
$sanitized['post_type'] = preg_replace('/[^a-z0-9_\\-]/', '_', $sanitized['post_type']);
$sanitized['post_type'] = substr($sanitized['post_type'], 0, 20);
// Our form passes integers and strings, but WP req's literal booleans,
// so we do some type-casting here to ensure literal booleans.
$sanitized['public'] = (bool) CCTM::get_value($raw, 'public');
$sanitized['rewrite_with_front'] = (bool) CCTM::get_value($raw, 'rewrite_with_front');
$sanitized['show_ui'] = (bool) CCTM::get_value($raw, 'show_ui');
$sanitized['public'] = (bool) CCTM::get_value($raw, 'public');
$sanitized['show_in_nav_menus'] = (bool) CCTM::get_value($raw, 'show_in_nav_menus');
$sanitized['can_export'] = (bool) CCTM::get_value($raw, 'can_export');
$sanitized['use_default_menu_icon'] = (bool) CCTM::get_value($raw, 'use_default_menu_icon');
$sanitized['hierarchical'] = (bool) CCTM::get_value($raw, 'hierarchical');
$sanitized['include_in_search'] = (bool) CCTM::get_value($raw, 'include_in_search');
$sanitized['publicly_queryable'] = (bool) CCTM::get_value($raw, 'publicly_queryable');
$sanitized['include_in_rss'] = (bool) CCTM::get_value($raw, 'include_in_rss');
$sanitized['map_meta_cap'] = (bool) CCTM::get_value($raw, 'map_meta_cap');
$sanitized['show_in_admin_bar'] = (bool) CCTM::get_value($raw, 'show_in_admin_bar');
if (empty($sanitized['has_archive'])) {
$sanitized['has_archive'] = false;
} else {
$sanitized['has_archive'] = true;
}
// *facepalm*... Special handling req'd here for menu_position because 0
// is handled differently than a literal null.
if ((int) CCTM::get_value($raw, 'menu_position')) {
$sanitized['menu_position'] = (int) CCTM::get_value($raw, 'menu_position', null);
} else {
$sanitized['menu_position'] = null;
}
$sanitized['show_in_menu'] = CCTM::get_value($raw, 'show_in_menu');
$sanitized['cctm_show_in_menu'] = CCTM::get_value($raw, 'cctm_show_in_menu');
// menu_icon... the user will lose any custom Menu Icon URL if they save with this checked!
// TODO: let this value persist.
if ($sanitized['use_default_menu_icon']) {
unset($sanitized['menu_icon']);
// === null;
}
if (empty($sanitized['query_var'])) {
$sanitized['query_var'] = false;
}
// Cleaning up the labels
if (empty($sanitized['label'])) {
$sanitized['label'] = ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['singular_name'])) {
$sanitized['labels']['singular_name'] = ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['add_new'])) {
$sanitized['labels']['add_new'] = __('Add New');
}
if (empty($sanitized['labels']['add_new_item'])) {
$sanitized['labels']['add_new_item'] = __('Add New') . ' ' . ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['edit_item'])) {
$sanitized['labels']['edit_item'] = __('Edit') . ' ' . ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['new_item'])) {
$sanitized['labels']['new_item'] = __('New') . ' ' . ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['view_item'])) {
$sanitized['labels']['view_item'] = __('View') . ' ' . ucfirst($sanitized['post_type']);
}
if (empty($sanitized['labels']['search_items'])) {
$sanitized['labels']['search_items'] = __('Search') . ' ' . ucfirst($sanitized['labels']['menu_name']);
}
if (empty($sanitized['labels']['not_found'])) {
$sanitized['labels']['not_found'] = sprintf(__('No %s found', CCTM_TXTDOMAIN), strtolower($raw['labels']['menu_name']));
}
if (empty($sanitized['labels']['not_found_in_trash'])) {
$sanitized['labels']['not_found_in_trash'] = sprintf(__('No %s found in trash', CCTM_TXTDOMAIN), strtolower($raw['labels']['menu_name']));
}
if (empty($sanitized['labels']['parent_item_colon'])) {
$sanitized['labels']['parent_item_colon'] = __('Parent Page');
}
// Rewrites. TODO: make this work like the built-in post-type permalinks
switch ($sanitized['permalink_action']) {
case '/%postname%/':
$sanitized['rewrite'] = true;
break;
case 'Custom':
$sanitized['rewrite']['slug'] = $raw['rewrite_slug'];
$sanitized['rewrite']['with_front'] = isset($raw['rewrite_with_front']) ? (bool) $raw['rewrite_with_front'] : false;
break;
case 'Off':
default:
$sanitized['rewrite'] = false;
}
return $sanitized;
}
/**
* Sanitize data
* @param array
* @return array
*/
public static function sanitize($posted_data)
{
$data = array();
$data['id'] = CCTM::get_value($posted_data, 'id');
$data['old_id'] = CCTM::get_value($posted_data, 'old_id');
$data['title'] = CCTM::get_value($posted_data, 'title');
$data['context'] = CCTM::get_value($posted_data, 'context');
$data['priority'] = CCTM::get_value($posted_data, 'priority');
$data['callback'] = CCTM::get_value($posted_data, 'callback');
$data['callback_args'] = CCTM::get_value($posted_data, 'callback_args');
// See https://code.google.com/p/wordpress-custom-content-type-manager/issues/detail?id=511
$data['visibility_control'] = isset($posted_data['visibility_control']) ? $posted_data['visibility_control'] : '';
$data['post_types'] = CCTM::get_value($posted_data, 'post_types', array());
$data = CCTM::striptags_deep($data);
$data = CCTM::stripslashes_deep($data);
return $data;
}
