Filter uncanny-automator-pro

automator_wp_set_post_meta_should_sanitize_fields

Filters whether post meta fields should be sanitized before saving to the database.

add_filter( 'automator_wp_set_post_meta_should_sanitize_fields', $callback, 10, 2 );

Description

Filters whether the 'Set post meta' action should sanitize field values. By default, it sanitizes text fields. Developers can return false to disable sanitization for specific values or contexts, but use with caution as it may expose security vulnerabilities.

Usage

add_filter( 'automator_wp_set_post_meta_should_sanitize_fields', 'your_function_name', 10, 2 );

Parameters

$value (mixed)
This parameter, defaulting to `true`, determines whether the value should be sanitized by the `sanitize_text_field` function.
$this (mixed)
This parameter contains the value that is being considered for sanitization.

Return Value

The filtered value.

Examples

<?php
/**
 * Example: Conditionally disable sanitization for specific meta keys.
 *
 * This filter allows developers to prevent the sanitization of specific
 * post meta fields if they are known to contain data that should not be
 * sanitized (e.g., HTML content that is already safe, or serialized data).
 */
add_filter( 'automator_wp_set_post_meta_should_sanitize_fields', function ( $should_sanitize, $value, $instance ) {

	// Access the meta key being set from the $instance object.
	// The exact property name might vary depending on the Uncanny Automator class structure.
	// We assume a property like 'meta_key' or similar exists.
	// If not, you'd need to inspect the $instance object's properties.
	$meta_key_being_set = null;
	if ( isset( $instance->meta_key ) ) { // Hypothetical property name
		$meta_key_being_set = $instance->meta_key;
	} elseif ( isset( $instance->args['meta_key'] ) ) { // Another possible structure
		$meta_key_being_set = $instance->args['meta_key'];
	}

	// List of meta keys that should NOT be sanitized.
	$unfilterable_meta_keys = array(
		'my_custom_html_field',
		'my_serialized_data_field',
		'_wp_page_template', // Example of a core WordPress meta key that might be controlled
	);

	if ( $meta_key_being_set && in_array( $meta_key_being_set, $unfilterable_meta_keys, true ) ) {
		// If the current meta key is in our list, disable sanitization for this specific field.
		return false;
	}

	// For all other fields, adhere to the default behavior (which is to sanitize if $should_sanitize is true).
	return $should_sanitize;

}, 10, 3 );

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

uncanny-automator-pro/src/integrations/wp/actions/wp-setpostmeta.php:195

private function sanitize_text_field( $value = '' ) {

		// Only sanitize if its a string.
		if ( ! is_string( $value ) ) {
			return $value;
		}

		if ( apply_filters( 'automator_wp_set_post_meta_should_sanitize_fields', true, $value, $this ) ) {
			return sanitize_text_field( $value );
		}

		return $value;

	}
Scroll to Top