Automattic\WooCommerce\Api\Pagination
IdCursorFilter::decode_id_cursor
Decode a base64-encoded ID cursor into a positive integer.
Resolvers encode cursors via base64_encode( (string)$id) on the way out; this is the symmetric decode. base64_decode(..., true) returns false for malformed input, which (int) casts to 0 and {@see self::apply()} would silently treat as "no cursor" — leaving clients with unfiltered results instead of a clear error. Validate explicitly and throw INVALID_ARGUMENT → HTTP 400 on any bad input.
Method of the class: IdCursorFilter{}
No Hooks.
Returns
Int. The decoded positive integer ID.
Usage
$result = IdCursorFilter::decode_id_cursor( $cursor, $name ): int;
- $cursor(string) (required)
- The client-supplied cursor string.
- $name(string) (required)
- Which cursor argument (
after/before), for error messages.
IdCursorFilter::decode_id_cursor() IdCursorFilter::decode id cursor code WC 10.9.1
public static function decode_id_cursor( string $cursor, string $name ): int {
$raw = base64_decode( $cursor, true );
if ( false === $raw || ! ctype_digit( $raw ) || (int) $raw <= 0 ) {
// phpcs:disable WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Not HTML; serialized as JSON.
throw new ApiException(
sprintf( 'Invalid `%s` cursor.', $name ),
'INVALID_ARGUMENT',
status_code: 400,
);
// phpcs:enable WordPress.Security.EscapeOutput.ExceptionNotEscaped
}
return (int) $raw;
}