[buddypress-trac] [BuddyPress Trac] #6210: Create New Invitations API

buddypress-trac noreply at wordpress.org
Thu Mar 14 21:57:41 UTC 2019


#6210: Create New Invitations API
-----------------------------------------+-----------------------
 Reporter:  dcavins                      |       Owner:  dcavins
     Type:  enhancement                  |      Status:  reopened
 Priority:  low                          |   Milestone:
Component:  Core                         |     Version:
 Severity:  normal                       |  Resolution:
 Keywords:  dev-feedback trac-tidy-2018  |
-----------------------------------------+-----------------------

Comment (by dcavins):

 Replying to [comment:31 boonebgorges]:
 > > Are you thinking that you'd like to see the sanitizing happen not in
 the manager class but down in the invitation object class?
 >
 > No, I mean you should also sanitize when querying using
 `BP_Invitation::get()`. https://github.com/dcavins/bp-svn-
 bporg/blob/6210-Aug2018/src/bp-core/classes/class-bp-invitation.php#L39

 Sorry, that's what I was trying to say by "down in the invitation object
 class".

 I could add the sanitization to the `populate` method (which would
 effectively be a pre-`save` sanitization):
 https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
 core/classes/class-bp-invitation.php#L230

 and the `get` method as you suggest:
 https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
 core/classes/class-bp-invitation.php#L704

 Then the sanitization could be removed from the manager class:
 https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
 core/classes/class-bp-invitation-manager.php#L41

 And it would be enforced whether you were using a manager class to manage
 invitations (like we expect), or if you were working directly with the
 invitation object via methods like `BP_Invitation::get()`, which is a bit
 more dangerous, but surely people will do.

 Whichever you prefer is fine with me.

 Thanks!

-- 
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6210#comment:32>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list