Automattic\WooCommerce\Internal\RestApi\Routes\V4\Settings\Account
Controller::update_item
Update account settings.
Method of the class: Controller{}
Hooks from the method
Returns
WP_REST_Response|WP_Error.
Usage
$Controller = new Controller(); $Controller->update_item( $request );
- $request(WP_REST_Request) (required)
- Full details about the request.
Controller::update_item() Controller::update item code WC 10.4.3
public function update_item( $request ) {
$params = $request->get_json_params();
if ( ! is_array( $params ) || empty( $params ) ) {
return new WP_Error(
'rest_invalid_param',
__( 'Invalid or empty request body.', 'woocommerce' ),
array( 'status' => 400 )
);
}
// Check if the request contains a 'values' field with the flat key-value mapping.
$values_to_update = array();
if ( isset( $params['values'] ) && is_array( $params['values'] ) ) {
$values_to_update = $params['values'];
} else {
// Fallback to the old format for backward compatibility.
$values_to_update = $params;
}
// Get all account settings definitions.
$settings = $this->get_all_settings();
$settings_by_id = array_column( $settings, null, 'id' );
// Exclude non-editable markers like 'title' and 'sectionend'.
$settings_by_id = array_filter(
$settings_by_id,
static function ( $def ) {
$type = $def['type'] ?? '';
return isset( $def['id'] ) && ! in_array( $type, array( 'title', 'sectionend' ), true );
}
);
$valid_setting_ids = array_keys( $settings_by_id );
$validated_settings = array();
// Process each setting in the payload.
foreach ( $values_to_update as $setting_id => $setting_value ) {
// Sanitize the setting ID.
$setting_id = sanitize_text_field( $setting_id );
// Security check: only allow updating valid WooCommerce account settings.
if ( ! in_array( $setting_id, $valid_setting_ids, true ) ) {
continue;
}
// Sanitize the value based on the setting type.
$setting_definition = $settings_by_id[ $setting_id ];
$setting_type = $setting_definition['type'] ?? 'text';
$sanitized_value = $this->sanitize_setting_value( $setting_type, $setting_value );
// Additional validation for specific settings.
$validation_result = $this->validate_setting_value( $setting_id, $sanitized_value );
if ( is_wp_error( $validation_result ) ) {
return $validation_result;
}
// Store validated values first.
$validated_settings[ $setting_id ] = $sanitized_value;
}
// After validation loop, update all settings.
$updated_settings = array();
foreach ( $validated_settings as $setting_id => $value ) {
$update_result = update_option( $setting_id, $value );
if ( $update_result ) {
$updated_settings[] = $setting_id;
}
}
// Log the update if settings were changed.
if ( ! empty( $updated_settings ) ) {
/**
* Fires when WooCommerce settings are updated.
*
* @param array $updated_settings Array of updated settings IDs.
* @param string $rest_base The REST base of the settings.
* @since 4.0.0
*/
do_action( 'woocommerce_settings_updated', $updated_settings, $this->rest_base );
}
// Get all settings after update.
$settings = $this->get_all_settings();
// Return updated settings.
$response = $this->get_item_response( $settings, $request );
return rest_ensure_response( $response );
}