diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
index 42187df05b..9d8e7d438f 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
@@ -594,7 +594,6 @@ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller {
 'description' => __( 'Limit result set to attachments of a particular media type.' ),
 'type' => 'string',
 'enum' => array_keys( $media_types ),
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $params['mime_type'] = array(
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
index bfd652db4b..b0a8bd790d 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
@@ -1114,9 +1114,7 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 'type' => 'string',
 'format' => 'ipv4',
 'context' => array( 'edit' ),
- 'arg_options' => array(
- 'default' => '127.0.0.1',
- ),
+ 'default' => '127.0.0.1',
 ),
 'author_name' => array(
 'description' => __( 'Display name for the object author.' ),
@@ -1188,17 +1186,13 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 'description' => __( 'The id for the parent of the object.' ),
 'type' => 'integer',
 'context' => array( 'view', 'edit', 'embed' ),
- 'arg_options' => array(
- 'default' => 0,
- ),
+ 'default' => 0,
 ),
 'post' => array(
 'description' => __( 'The id of the associated post object.' ),
 'type' => 'integer',
 'context' => array( 'view', 'edit' ),
- 'arg_options' => array(
- 'default' => 0,
- ),
+ 'default' => 0,
 ),
 'status' => array(
 'description' => __( 'State of the object.' ),
@@ -1264,26 +1258,28 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 'description' => __( 'Limit response to resources published after a given ISO8601 compliant date.' ),
 'type' => 'string',
 'format' => 'date-time',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['author'] = array(
 'description' => __( 'Limit result set to comments assigned to specific user ids. Requires authorization.' ),
- 'sanitize_callback' => 'wp_parse_id_list',
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 );
 $query_params['author_exclude'] = array(
 'description' => __( 'Ensure result set excludes comments assigned to specific user ids. Requires authorization.' ),
- 'sanitize_callback' => 'wp_parse_id_list',
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 );
 $query_params['author_email'] = array(
 'default' => null,
 'description' => __( 'Limit result set to that from a specific author email. Requires authorization.' ),
 'format' => 'email',
- 'sanitize_callback' => 'sanitize_email',
 'type' => 'string',
 );
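Review bot: The `author` and `author_exclude` params in this hunk lose `wp_parse_id_list` and now depend on the `items` schema being enforced by a default sanitizer that this diff does not show; the same swap recurs in the later comments hunks (`exclude`, `include`, `parent`, `parent_exclude`, `post`) and in the posts, terms and users controllers. `wp_parse_id_list` split comma-separated input and ran every entry through `absint`, whereas `'type' => 'integer'` on its own admits negative values, so consider `'items' => array( 'type' => 'integer', 'minimum' => 0 ),` if the validator honours `minimum` on array items. `author_email` likewise drops `sanitize_email` and is left with `'format' => 'email'` only, so a test that a malformed address is rejected rather than handed to the comment query would pin the new behaviour. The enclosing method starts and ends outside the hunk.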
@@ -1291,43 +1287,40 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 'description' => __( 'Limit response to resources published before a given ISO8601 compliant date.' ),
 'type' => 'string',
 'format' => 'date-time',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['exclude'] = array(
 'description' => __( 'Ensure result set excludes specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $query_params['include'] = array(
 'description' => __( 'Limit result set to specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $query_params['karma'] = array(
 'default' => null,
 'description' => __( 'Limit result set to that of a particular comment karma. Requires authorization.' ),
- 'sanitize_callback' => 'absint',
 'type' => 'integer',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['offset'] = array(
 'description' => __( 'Offset the result set by a specific number of comments.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['order'] = array(
 'description' => __( 'Order sort attribute ascending or descending.' ),
 'type' => 'string',
- 'sanitize_callback' => 'sanitize_key',
- 'validate_callback' => 'rest_validate_request_arg',
 'default' => 'desc',
 'enum' => array(
 'asc',
@@ -1338,8 +1331,6 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 $query_params['orderby'] = array(
 'description' => __( 'Sort collection by object attribute.' ),
 'type' => 'string',
- 'sanitize_callback' => 'sanitize_key',
- 'validate_callback' => 'rest_validate_request_arg',
 'default' => 'date_gmt',
 'enum' => array(
 'date',
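Review bot: In the @@ -1291 hunk `karma` and `offset` drop `absint`, so a negative integer now satisfies `'type' => 'integer'` and is passed on unchanged instead of being coerced to its absolute value. For `offset` a lower bound in the schema keeps the old guarantee, e.g. `'minimum' => 0,` next to `'type' => 'integer',`, assuming the default validator enforces `minimum`. The same removal appears for `offset` in the posts, terms and users hunks and for `parent` in the terms hunk; `menu_order` in the posts hunk may legitimately be negative, so there a comment such as `// Sign is preserved; absint() is no longer applied.` is probably enough. The enclosing method continues outside the hunk.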
@@ -1355,22 +1346,28 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
 $query_params['parent'] = array(
 'default' => array(),
 'description' => __( 'Limit result set to resources of specific parent ids.' ),
- 'sanitize_callback' => 'wp_parse_id_list',
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 );
 $query_params['parent_exclude'] = array(
 'default' => array(),
 'description' => __( 'Ensure result set excludes specific parent ids.' ),
- 'sanitize_callback' => 'wp_parse_id_list',
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 );
 $query_params['post'] = array(
 'default' => array(),
 'description' => __( 'Limit result set to resources assigned to specific post ids.' ),
 'type' => 'array',
- 'sanitize_callback' => 'wp_parse_id_list',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 );
 $query_params['status'] = array(
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
index 2eed29b69f..0afc6061b6 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php
@@ -1975,20 +1975,6 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 'items' => array(
 'type' => 'integer',
 ),
- 'arg_options' => array(
- 'sanitize_callback' => 'wp_parse_id_list',
- ),
- 'context' => array( 'view', 'edit' ),
- );
- $schema['properties'][ $base . '_exclude' ] = array(
- 'description' => sprintf( __( 'The terms in the %s taxonomy that should not be assigned to the object.' ), $taxonomy->name ),
- 'type' => 'array',
- 'items' => array(
- 'type' => 'integer',
- ),
- 'arg_options' => array(
- 'sanitize_callback' => 'wp_parse_id_list',
- ),
 'context' => array( 'view', 'edit' ),
 );
 }
@@ -2013,21 +1999,24 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 'description' => __( 'Limit response to resources published after a given ISO8601 compliant date.' ),
 'type' => 'string',
 'format' => 'date-time',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 if ( post_type_supports( $this->post_type, 'author' ) ) {
 $params['author'] = array(
 'description' => __( 'Limit result set to posts assigned to specific authors.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $params['author_exclude'] = array(
 'description' => __( 'Ensure result set excludes posts assigned to specific authors.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 }
@@ -2035,37 +2024,36 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 'description' => __( 'Limit response to resources published before a given ISO8601 compliant date.' ),
 'type' => 'string',
 'format' => 'date-time',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $params['exclude'] = array(
 'description' => __( 'Ensure result set excludes specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $params['include'] = array(
 'description' => __( 'Limit result set to specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 if ( 'page' === $this->post_type || post_type_supports( $this->post_type, 'page-attributes' ) ) {
 $params['menu_order'] = array(
 'description' => __( 'Limit result set to resources with a specific menu_order value.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 }
 $params['offset'] = array(
 'description' => __( 'Offset the result set by a specific number of items.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $params['order'] = array(
@@ -2073,7 +2061,6 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 'type' => 'string',
 'default' => 'desc',
 'enum' => array( 'asc', 'desc' ),
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $params['orderby'] = array(
@@ -2088,7 +2075,6 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 'title',
 'slug',
 ),
- 'validate_callback' => 'rest_validate_request_arg',
 );
 if ( 'page' === $this->post_type || post_type_supports( $this->post_type, 'page-attributes' ) ) {
@@ -2101,13 +2087,17 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 $params['parent'] = array(
 'description' => __( 'Limit result set to those of particular parent ids.' ),
 'type' => 'array',
- 'sanitize_callback' => 'wp_parse_id_list',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
 );
 $params['parent_exclude'] = array(
 'description' => __( 'Limit result set to all items except those of a particular parent id.' ),
 'type' => 'array',
- 'sanitize_callback' => 'wp_parse_id_list',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
 );
 }
@@ -2137,7 +2127,18 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 $params[ $base ] = array(
 'description' => sprintf( __( 'Limit result set to all items that have the specified term assigned in the %s taxonomy.' ), $base ),
 'type' => 'array',
- 'sanitize_callback' => 'wp_parse_id_list',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
+ 'default' => array(),
+ );
+
+ $params[ $base . '_exclude' ] = array(
+ 'description' => sprintf( __( 'Limit result set to all items except those that have the specified term assigned in the %s taxonomy.' ), $base ),
+ 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
 );
 }
@@ -2146,7 +2147,6 @@ class WP_REST_Posts_Controller extends WP_REST_Controller {
 $params['sticky'] = array(
 'description' => __( 'Limit result set to items that are sticky.' ),
 'type' => 'boolean',
- 'sanitize_callback' => 'rest_parse_request_arg',
 );
 }
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
index 5ae26212df..053bff537b 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
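Review bot: The @@ -2137 hunk of the posts controller declares a new `$base . '_exclude'` collection param, but none of the hunks in this diff show code that reads it, so confirm that the collection query turns it into an exclusion; a declared-but-unread exclude filter would be silently ignored and return items the client asked to leave out. Because the matching schema property is deleted in the @@ -1975 hunk, a short comment above the new entry would make the intent explicit, e.g. `// Query-only filter: term ids to exclude; no longer part of the item schema.`. A test that requests the `_exclude` param with a known term id and asserts the tagged item is absent would pin the behaviour. The surrounding loop and method start outside the hunk.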
@@ -304,7 +304,6 @@ class WP_REST_Taxonomies_Controller extends WP_REST_Controller {
 $new_params['type'] = array(
 'description' => __( 'Limit results to resources associated with a specific post type.' ),
 'type' => 'string',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 return $new_params;
 }
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
index ceaa26bee7..c9f9f910a8 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
@@ -887,42 +887,41 @@ class WP_REST_Terms_Controller extends WP_REST_Controller {
 $query_params['exclude'] = array(
 'description' => __( 'Ensure result set excludes specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $query_params['include'] = array(
 'description' => __( 'Limit result set to specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 if ( ! $taxonomy->hierarchical ) {
 $query_params['offset'] = array(
 'description' => __( 'Offset the result set by a specific number of items.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 }
 $query_params['order'] = array(
 'description' => __( 'Order sort attribute ascending or descending.' ),
 'type' => 'string',
- 'sanitize_callback' => 'sanitize_key',
 'default' => 'asc',
 'enum' => array(
 'asc',
 'desc',
 ),
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['orderby'] = array(
 'description' => __( 'Sort collection by resource attribute.' ),
 'type' => 'string',
- 'sanitize_callback' => 'sanitize_key',
 'default' => 'name',
 'enum' => array(
 'id',
@@ -933,23 +932,18 @@ class WP_REST_Terms_Controller extends WP_REST_Controller {
 'description',
 'count',
 ),
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['hide_empty'] = array(
 'description' => __( 'Whether to hide resources not assigned to any posts.' ),
 'type' => 'boolean',
 'default' => false,
- 'sanitize_callback' => 'rest_sanitize_request_arg',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 if ( $taxonomy->hierarchical ) {
 $query_params['parent'] = array(
 'description' => __( 'Limit result set to resources assigned to a specific parent.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 }
@@ -957,13 +951,11 @@ class WP_REST_Terms_Controller extends WP_REST_Controller {
 'description' => __( 'Limit result set to resources assigned to a specific post.' ),
 'type' => 'integer',
 'default' => null,
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['slug'] = array(
 'description' => __( 'Limit result set to resources with a specific slug.' ),
 'type' => 'string',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 return $query_params;
diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
index bb3737df0c..1256c6810d 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
@@ -1102,9 +1102,6 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
 'type' => 'string',
 ),
 'context' => array( 'edit' ),
- 'arg_options' => array(
- 'sanitize_callback' => 'wp_parse_slug_list',
- ),
 ),
 'password' => array(
 'description' => __( 'Password for the resource (never included).' ),
@@ -1171,31 +1168,31 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
 $query_params['exclude'] = array(
 'description' => __( 'Ensure result set excludes specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $query_params['include'] = array(
 'description' => __( 'Limit result set to specific ids.' ),
 'type' => 'array',
+ 'items' => array(
+ 'type' => 'integer',
+ ),
 'default' => array(),
- 'sanitize_callback' => 'wp_parse_id_list',
 );
 $query_params['offset'] = array(
 'description' => __( 'Offset the result set by a specific number of items.' ),
 'type' => 'integer',
- 'sanitize_callback' => 'absint',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['order'] = array(
 'default' => 'asc',
 'description' => __( 'Order sort attribute ascending or descending.' ),
 'enum' => array( 'asc', 'desc' ),
- 'sanitize_callback' => 'sanitize_key',
 'type' => 'string',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['orderby'] = array(
@@ -1210,21 +1207,20 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
 'email',
 'url',
 ),
- 'sanitize_callback' => 'sanitize_key',
 'type' => 'string',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['slug'] = array(
 'description' => __( 'Limit result set to resources with a specific slug.' ),
 'type' => 'string',
- 'validate_callback' => 'rest_validate_request_arg',
 );
 $query_params['roles'] = array(
 'description' => __( 'Limit result set to resources matching at least one specific role provided. Accepts csv list or single role.' ),
 'type' => 'array',
- 'sanitize_callback' => 'wp_parse_slug_list',
+ 'items' => array(
+ 'type' => 'string',
+ ),
 );
 return $query_params;
diff --git a/wp-includes/version.php b/wp-includes/version.php
index a89e1e0186..d66f28edc9 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
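Review bot: In the @@ -1210 hunk of the users controller `roles` trades `wp_parse_slug_list` for `'items' => array( 'type' => 'string' )`, which accepts any string and no longer normalises entries to slugs; the schema property whose `arg_options` sanitizer is removed in the @@ -1102 hunk (its name lies outside that hunk) loses the same callback on the write side. Since role names feed authorization decisions, the code that consumes them should match against the registered roles exactly and reject unknown values rather than assume the input was already slug-sanitised. The description still promises `Accepts csv list or single role`, which now depends on the default array sanitizer splitting comma-separated strings, so a test covering a two-role comma-separated value and an unknown role name is worth adding. The method starts outside the hunk.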
@@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.7-beta1-39104';
+$wp_version = '4.7-beta1-39105';
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.