Skip to content

Add sanitize_callback to validate palette checkbox input #290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aditigodse10 wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

Add sanitize_callback to validate palette checkbox input #290

aditigodse10 wants to merge 3 commits into from

Conversation

@aditigodse10
Copy link

@aditigodse10 aditigodse10 commented Jul 19, 2025

This PR adds a sanitize_callback to the tenup_isc_most_read_palette option to validate input before saving.

✅ Accepts only true, 'on', 1, or '1'
❌ Rejects all invalid values
🛡️ Shows an admin error using add_settings_error() when input is incorrect

This ensures secure, expected handling of the checkbox setting and follows WordPress sanitization best practices.

@jeffpaul jeffpaul added this to the Future Release milestone Aug 11, 2025
@jeffpaul jeffpaul requested review from Sidsector9 and removed request for dkotter and jeffpaul August 11, 2025 18:33
@jeffpaul jeffpaul moved this to Code Review in Open Source Practice Aug 11, 2025
Sidsector9
Sidsector9 requested changes Aug 13, 2025
View reviewed changes
inc/plugin.php
'default' => false,
'sanitize_callback' => function( $input ) {
// Accept only true, 'on', or 1
if ( $input === 'on' || $input === true || $input === 1 || $input === '1' ) {
Copy link
Contributor

@Sidsector9 Sidsector9 Aug 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for raising this fix @aditigodse10

I found an issue, that when you try to save the settings with the checkbox unchecked, the Invalid value for Most Used Palette setting. error is shown on top of the page. This is because $input is null when it is unchecked. Can you fix that?

Copy link
Author

@aditigodse10 aditigodse10 Aug 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes sure, will do.

Copy link
Member

@jeffpaul jeffpaul Oct 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aditigodse10 checking in to see if you'll be able to updated based on the code review feedback above?

@github-project-automation github-project-automation bot moved this from Code Review to In Progress in Open Source Practice Aug 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeffpaul jeffpaul jeffpaul left review comments

@Sidsector9 Sidsector9 Sidsector9 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@aditigodse10 aditigodse10

Labels

None yet

Projects

Open Source Practice
Status: In Progress

Milestone

Future Release

Development

Successfully merging this pull request may close these issues.

3 participants

@aditigodse10 @jeffpaul @Sidsector9