Skip to content

Add new function eligible_to_save #500

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jamesgol wants to merge 1 commit into from
Closed

Add new function eligible_to_save #500

jamesgol wants to merge 1 commit into from

Conversation

@jamesgol
Copy link
Contributor

@jamesgol jamesgol commented Oct 20, 2015

Creates a check to see if a field should be saved based on the attributes set for it. Otherwise fields set to disabled and/or readonly will be written to.

Setting a field to readonly just sets the HTML input form to readonly, it's trivial for someone to pass a different value in and change it.

@jamesgol
Add new function eligible_to_save
0c930d4 
Creats a check to see if a field should be saved based on the attributes set for it.  Otherwise fields set to disabled and/or readonly will
be written to.
@jamesgol
Copy link
Contributor Author

jamesgol commented Oct 20, 2015

Related to #346

@jrfnl
Copy link
Contributor

jrfnl commented Jan 31, 2016

I would advise against this change as disabled and/or readonly field attributes are often the initial state of a field, with the attribute(s) being removed via javascript if certain conditions apply.

@jtsternberg
Copy link
Member

jtsternberg commented Jun 28, 2016

Sorry @jamesgol, I'm with @jrfnl in that I don't think it's safe to make those assumptions as readonly and disabled attributes are used for specific and varied purposes.

@jtsternberg
Copy link
Member

jtsternberg commented Jun 28, 2016

That being said, I could see using a field attribute, 'save_field', (which mirrors the CMB2 property) which, when set to false, would keep the field from saving.

@jamesgol
Copy link
Contributor Author

jamesgol commented Jun 28, 2016

Perhaps adding a filter that is checked instead would be a reasonable option? It's been a bit since I worked on the project needing this and I had to change my process completely because there wasn't any way to correct this flaw.

@jtsternberg jtsternberg mentioned this pull request Jun 28, 2016
Closed
@jtsternberg
Copy link
Member

jtsternberg commented Jun 28, 2016

There are several filters which could be leveraged to accomplish this already.

@jamesgol
Copy link
Contributor Author

jamesgol commented Jun 28, 2016

It has been so long I don't remember the specifics on the use case there, but those filters all happened much to late. It was related to a security issue where the original coder assumed that marking a field as read-only was really read-only and not just set in HTML.

Adding an additional setting is a reasonable solution, if nobody else gets to it first I'll submit a PR for it.

jamesgol added a commit to jamesgol/CMB2 that referenced this pull request Jun 28, 2016
@jamesgol
Add save_field attribute to fields
ab13b90 
Keeps specific fields from being saved.  Defaults to true, if set to false field will be skipped.

Related to CMB2#346 and CMB2#500
jtsternberg added a commit that referenced this pull request Jun 28, 2016
@jtsternberg
Introduce the 'save_field' boolean field property. Closes #346, Closes
f54c262 
 #500

For disabling the saving of a field. Useful if you want to display the
value of another field, or use a disabled/read-only field.

See example in example-functions.php
@jtsternberg
Copy link
Member

jtsternberg commented Jun 28, 2016

@jamesgol oops, I just pushed an update to include this, but please submit your PR and I will merge it in for the unit tests, etc, and will give you props.

jamesgol added a commit to jamesgol/CMB2 that referenced this pull request Jun 28, 2016
@jamesgol
Add unit tests for save_field
16cb1ee 
Related to CMB2#500 and CMB2#346
@jamesgol jamesgol mentioned this pull request Jun 28, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jamesgol @jrfnl @jtsternberg