[buddypress-trac] [BuddyPress Trac] #6210: Create New Invitations API
buddypress-trac
noreply at wordpress.org
Thu Mar 14 21:57:41 UTC 2019
#6210: Create New Invitations API
-----------------------------------------+-----------------------
Reporter: dcavins | Owner: dcavins
Type: enhancement | Status: reopened
Priority: low | Milestone:
Component: Core | Version:
Severity: normal | Resolution:
Keywords: dev-feedback trac-tidy-2018 |
-----------------------------------------+-----------------------
Comment (by dcavins):
Replying to [comment:31 boonebgorges]:
> > Are you thinking that you'd like to see the sanitizing happen not in
the manager class but down in the invitation object class?
>
> No, I mean you should also sanitize when querying using
`BP_Invitation::get()`. https://github.com/dcavins/bp-svn-
bporg/blob/6210-Aug2018/src/bp-core/classes/class-bp-invitation.php#L39
Sorry, that's what I was trying to say by "down in the invitation object
class".
I could add the sanitization to the `populate` method (which would
effectively be a pre-`save` sanitization):
https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
core/classes/class-bp-invitation.php#L230
and the `get` method as you suggest:
https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
core/classes/class-bp-invitation.php#L704
Then the sanitization could be removed from the manager class:
https://github.com/dcavins/bp-svn-bporg/blob/6210-Aug2018/src/bp-
core/classes/class-bp-invitation-manager.php#L41
And it would be enforced whether you were using a manager class to manage
invitations (like we expect), or if you were working directly with the
invitation object via methods like `BP_Invitation::get()`, which is a bit
more dangerous, but surely people will do.
Whichever you prefer is fine with me.
Thanks!
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6210#comment:32>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list