From 3acb42faee66868a76e653a34ef35de13ddf734f Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Thu, 01 Jan 2026 23:00:11 +0000
Subject: [PATCH] Merge branch 'main' of https://github.com/jakevdwerf/jvb

---
 inc/meta/MetaSanitizer.php |   52 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 51 insertions(+), 1 deletions(-)

diff --git a/inc/meta/MetaSanitizer.php b/inc/meta/MetaSanitizer.php
index 4f3ec52..f4f573f 100644
--- a/inc/meta/MetaSanitizer.php
+++ b/inc/meta/MetaSanitizer.php
@@ -67,6 +67,56 @@
         return implode(',', $values);
     }
 
+	protected function sanitizeTagList(array $values, array $field_config): array
+	{
+		if (!is_array($values)) {
+			return [];
+		}
+
+		if (empty(array_filter($values, fn($value) => !empty($value)))) {
+			return [];
+		}
+
+		if (!isset($field_config['fields']) || !is_array($field_config['fields'])) {
+			return [];
+		}
+
+		$sanitized = [];
+
+		foreach ($values as $row) {
+			if (!is_array($row)) {
+				continue;
+			}
+
+			// Clean up field names (remove prefixes like "fieldname:0:email")
+			$temp = [];
+			foreach ($row as $key => $value) {
+				$key_parts = explode(':', $key);
+				$clean_key = $key_parts[array_key_last($key_parts)];
+				$temp[$clean_key] = $value;
+			}
+			$row = $temp;
+
+			// Sanitize each field
+			$clean_row = [];
+			foreach ($field_config['fields'] as $key => $subfield_config) {
+				if (!array_key_exists($key, $row)) {
+					continue;
+				}
+
+				$subfield_config['name'] = $key; // For backwards compatibility
+				$clean_row[$key] = $this->sanitize($row[$key], $subfield_config);
+			}
+
+			// Only add row if it has at least one non-empty value
+			if (!empty(array_filter($clean_row))) {
+				$sanitized[] = $clean_row;
+			}
+		}
+
+		return $sanitized;
+	}
+
     protected function sanitizeRepeater(array $values, array $field_config):array
     {
         if (!is_array($values)) {
@@ -137,7 +187,7 @@
 		return $sanitized;
 	}
 
-    protected function sanitizeGallery(array|string $value):string
+    protected function sanitizeUpload(array|string $value):string
     {
         if (empty($value)) {
             return '';

--
Gitblit v1.10.0