I've created some custom rest routes using wp register_rest_route()
function.
All the routes works fine, but I need to sanitize the inputs that will be passed to other wp functions and will create an user. I've read about map_deep()
function, but when I need to use the wp_insert_user()
or wp_update_user()
I will have nested array for user meta and user basic info like email etc, and I need to apply sanitize_email
or other sanitization functions.
Will the sanitize functions wirk if I call them directly inside the defined array that will be passed to wp_insert_user()
or wp_update_user()
functions?
<?php
//example
wp_insert_user(
'user_email' => sanitize_email( $request->get_param('email') ),
'meta_input' => array(
'gamer_tag' => sanitize_text_field( $request->get_param('gamer_tag') )
)
);
?>
CodePudding user response:
Yes, the sanitizing functions will work in your code snippet.
NOTE: There is an issue in your code snippet, you're not passing array
or object
you're directly writing array keys and values, you need to wrap the keys within an array
The correct code is here:
<?php
wp_insert_user(
array( // You were missing this array wrap
'user_email' => sanitize_email( $request->get_param( 'email' ) ),
'meta_input' => array(
'gamer_tag' => sanitize_text_field( $request->get_param( 'gamer_tag' ) ),
),
)
);