Home > Back-end >  WordPress - Sanitize user input params in REST api request
WordPress - Sanitize user input params in REST api request

Time:10-09

I've created some custom rest routes using wp register_rest_route() function. All the routes works fine, but I need to sanitize the inputs that will be passed to other wp functions and will create an user. I've read about map_deep() function, but when I need to use the wp_insert_user() or wp_update_user() I will have nested array for user meta and user basic info like email etc, and I need to apply sanitize_email or other sanitization functions.

Will the sanitize functions wirk if I call them directly inside the defined array that will be passed to wp_insert_user() or wp_update_user() functions?

<?php
//example
wp_insert_user(
 'user_email' => sanitize_email( $request->get_param('email') ),
 'meta_input' => array(
  'gamer_tag' => sanitize_text_field( $request->get_param('gamer_tag') )
 )
);

?>

CodePudding user response:

Yes, the sanitizing functions will work in your code snippet.

NOTE: There is an issue in your code snippet, you're not passing array or object you're directly writing array keys and values, you need to wrap the keys within an array

The correct code is here:

<?php
wp_insert_user(
    array( // You were missing this array wrap
        'user_email' => sanitize_email( $request->get_param( 'email' ) ),
        'meta_input' => array(
            'gamer_tag' => sanitize_text_field( $request->get_param( 'gamer_tag' ) ),
        ),
    )
);

Page link:https//www.codepudding.com/Backend/569762.html

Prev:Get author information in yith woocommerce wishlist premium
Next:How to add attribute to the script in php
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding