Add wp_json_encode(), a wrapper for json_encode() that ensures everything is converted to UTF-8.

Change all core calls from `json_encode()` to `wp_json_encode()`.

Fixes #28786.



git-svn-id: https://develop.svn.wordpress.org/trunk@30055 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Gary Pendergast 2014-10-28 18:34:16 +00:00
parent 3d35d8bc5d
commit 0e68ecc0b6
17 changed files with 194 additions and 39 deletions

View File

@ -274,7 +274,7 @@ do_action( 'customize_controls_print_scripts' );
?>
<script type="text/javascript">
var _wpCustomizeSettings = <?php echo json_encode( $settings ); ?>;
var _wpCustomizeSettings = <?php echo wp_json_encode( $settings ); ?>;
</script>
</div>
</body>

View File

@ -286,7 +286,7 @@ function wp_ajax_autocomplete_user() {
);
}
wp_die( json_encode( $return ) );
wp_die( wp_json_encode( $return ) );
}
/**
@ -1365,7 +1365,7 @@ function wp_ajax_menu_get_metabox() {
$markup = ob_get_clean();
echo json_encode(array(
echo wp_json_encode(array(
'replace-id' => $type . '-' . $item->name,
'markup' => $markup,
));
@ -1394,7 +1394,7 @@ function wp_ajax_wp_link_ajax() {
if ( ! isset( $results ) )
wp_die( 0 );
echo json_encode( $results );
echo wp_json_encode( $results );
echo "\n";
wp_die();
@ -1840,7 +1840,7 @@ function wp_ajax_upload_attachment() {
if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
$wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'], false );
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {
echo json_encode( array(
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( 'The uploaded file is not a valid image. Please try again.' ),
@ -1855,7 +1855,7 @@ function wp_ajax_upload_attachment() {
$attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data );
if ( is_wp_error( $attachment_id ) ) {
echo json_encode( array(
echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => $attachment_id->get_error_message(),
@ -1877,7 +1877,7 @@ function wp_ajax_upload_attachment() {
if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) )
wp_die();
echo json_encode( array(
echo wp_json_encode( array(
'success' => true,
'data' => $attachment,
) );
@ -1902,7 +1902,7 @@ function wp_ajax_image_editor() {
switch ( $_POST['do'] ) {
case 'save' :
$msg = wp_save_image($attachment_id);
$msg = json_encode($msg);
$msg = wp_json_encode($msg);
wp_die( $msg );
break;
case 'scale' :

View File

@ -1058,7 +1058,7 @@ class WP_List_Table {
$response['total_pages_i18n'] = number_format_i18n( $this->_pagination_args['total_pages'] );
}
die( json_encode( $response ) );
die( wp_json_encode( $response ) );
}
/**
@ -1075,6 +1075,6 @@ class WP_List_Table {
)
);
printf( "<script type='text/javascript'>list_args = %s;</script>\n", json_encode( $args ) );
printf( "<script type='text/javascript'>list_args = %s;</script>\n", wp_json_encode( $args ) );
}
}

View File

@ -273,7 +273,7 @@ class WP_Themes_List_Table extends WP_List_Table {
if ( is_array( $extra_args ) )
$args = array_merge( $args, $extra_args );
printf( "<script type='text/javascript'>var theme_list_args = %s;</script>\n", json_encode( $args ) );
printf( "<script type='text/javascript'>var theme_list_args = %s;</script>\n", wp_json_encode( $args ) );
parent::_js_vars();
}
}

View File

@ -1826,7 +1826,7 @@ if( !$large_size_w )
$large_size_w = 1024;
?>
var resize_height = <?php echo $large_size_h; ?>, resize_width = <?php echo $large_size_w; ?>,
wpUploaderInit = <?php echo json_encode($plupload_init); ?>;
wpUploaderInit = <?php echo wp_json_encode( $plupload_init ); ?>;
</script>
<div id="plupload-upload-ui" class="hide-if-no-js">

View File

@ -621,7 +621,7 @@ function admin_color_scheme_picker( $user_id ) {
<div class="color-option <?php echo ( $color == $current_color ) ? 'selected' : ''; ?>">
<input name="admin_color" id="admin_color_<?php echo esc_attr( $color ); ?>" type="radio" value="<?php echo esc_attr( $color ); ?>" class="tog" <?php checked( $color, $current_color ); ?> />
<input type="hidden" class="css_url" value="<?php echo esc_url( $color_info->url ); ?>" />
<input type="hidden" class="icon_colors" value="<?php echo esc_attr( json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" />
<input type="hidden" class="icon_colors" value="<?php echo esc_attr( wp_json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" />
<label for="admin_color_<?php echo esc_attr( $color ); ?>"><?php echo esc_html( $color_info->name ); ?></label>
<table class="color-palette">
<tr>
@ -665,7 +665,7 @@ function wp_color_scheme_settings() {
$icon_colors = array( 'base' => '#999', 'focus' => '#2ea2cc', 'current' => '#fff' );
}
echo '<script type="text/javascript">var _wpColorScheme = ' . json_encode( array( 'icons' => $icon_colors ) ) . ";</script>\n";
echo '<script type="text/javascript">var _wpColorScheme = ' . wp_json_encode( array( 'icons' => $icon_colors ) ) . ";</script>\n";
}
add_action( 'admin_head', 'wp_color_scheme_settings' );

View File

@ -356,7 +356,7 @@ function _wp_ajax_menu_quick_search( $request = array() ) {
if ( 'markup' == $response_format ) {
echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( get_post( $object_id ) ) ), 0, (object) $args );
} elseif ( 'json' == $response_format ) {
echo json_encode(
echo wp_json_encode(
array(
'ID' => $object_id,
'post_title' => get_the_title( $object_id ),
@ -373,7 +373,7 @@ function _wp_ajax_menu_quick_search( $request = array() ) {
echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( get_term( $object_id, $object_type ) ) ), 0, (object) $args );
} elseif ( 'json' == $response_format ) {
$post_obj = get_term( $object_id, $object_type );
echo json_encode(
echo wp_json_encode(
array(
'ID' => $object_id,
'post_title' => $post_obj->name,
@ -401,7 +401,7 @@ function _wp_ajax_menu_quick_search( $request = array() ) {
$var_by_ref = get_the_ID();
echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( get_post( $var_by_ref ) ) ), 0, (object) $args );
} elseif ( 'json' == $response_format ) {
echo json_encode(
echo wp_json_encode(
array(
'ID' => get_the_ID(),
'post_title' => get_the_title(),
@ -422,7 +422,7 @@ function _wp_ajax_menu_quick_search( $request = array() ) {
if ( 'markup' == $response_format ) {
echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( $term ) ), 0, (object) $args );
} elseif ( 'json' == $response_format ) {
echo json_encode(
echo wp_json_encode(
array(
'ID' => $term->term_id,
'post_title' => $term->name,

View File

@ -1952,7 +1952,7 @@ final class WP_Internal_Pointers {
<script type="text/javascript">
//<![CDATA[
(function($){
var options = <?php echo json_encode( $args ); ?>, setup;
var options = <?php echo wp_json_encode( $args ); ?>, setup;
if ( ! options )
return;

View File

@ -517,7 +517,7 @@ final class WP_Customize_Manager {
?>
<script type="text/javascript">
var _wpCustomizeSettings = <?php echo json_encode( $settings ); ?>;
var _wpCustomizeSettings = <?php echo wp_json_encode( $settings ); ?>;
</script>
<?php
}

View File

@ -740,7 +740,7 @@ final class WP_Customize_Widgets {
$wp_scripts->add_data(
'customize-widgets',
'data',
sprintf( 'var _wpCustomizeWidgetsSettings = %s;', json_encode( $settings ) )
sprintf( 'var _wpCustomizeWidgetsSettings = %s;', wp_json_encode( $settings ) )
);
}
@ -1055,7 +1055,7 @@ final class WP_Customize_Widgets {
?>
<script type="text/javascript">
var _wpWidgetCustomizerPreviewSettings = <?php echo json_encode( $settings ); ?>;
var _wpWidgetCustomizerPreviewSettings = <?php echo wp_json_encode( $settings ); ?>;
</script>
<?php
}

View File

@ -500,7 +500,7 @@ final class _WP_Editors {
);
if ( ! empty( $mce_external_plugins ) ) {
self::$first_init['external_plugins'] = json_encode( $mce_external_plugins );
self::$first_init['external_plugins'] = wp_json_encode( $mce_external_plugins );
}
$suffix = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
@ -986,7 +986,7 @@ final class _WP_Editors {
$mce_translation['_dir'] = 'rtl';
}
return "tinymce.addI18n( '$mce_locale', " . json_encode( $mce_translation ) . ");\n" .
return "tinymce.addI18n( '$mce_locale', " . wp_json_encode( $mce_translation ) . ");\n" .
"tinymce.ScriptLoader.markDone( '$baseurl/langs/$mce_locale.js' );\n";
}

View File

@ -167,7 +167,7 @@ class WP_Scripts extends WP_Dependencies {
$l10n[$key] = html_entity_decode( (string) $value, ENT_QUOTES, 'UTF-8');
}
$script = "var $object_name = " . json_encode($l10n) . ';';
$script = "var $object_name = " . wp_json_encode( $l10n ) . ';';
if ( !empty($after) )
$script .= "\n$after;";

View File

@ -2612,6 +2612,119 @@ function _scalar_wp_die_handler( $message = '' ) {
die();
}
/**
* Encode a variable into JSON, with some sanity checks
*
* @since 4.1.0
*
* @param mixed $data Variable (usually an array or object) to encode as JSON
* @param int $options Options to be passed to json_encode(). Default 0.
* @param int $depth Maximum depth to walk through $data. Must be greater than 0, default 512.t
*
* @return bool|string The JSON encoded string, or false if it cannot be encoded
*/
function wp_json_encode( $data, $options = 0, $depth = 512 ) {
// json_encode has had extra params added over the years.
// $options was added in 5.3, and $depth in 5.5.
// We need to make sure we call it with the correct arguments.
if ( version_compare( PHP_VERSION, '5.5', '>=' ) ) {
$args = array( $data, $options, $depth );
} else if ( version_compare( PHP_VERSION, '5.3', '>=' ) ) {
$args = array( $data, $options );
} else {
$args = array( $data );
}
$json = call_user_func_array( 'json_encode', $args );
if ( false !== $json ) {
// If json_encode was successful, no need to do more sanity checking
return $json;
}
try {
$args[0] = _wp_json_sanity_check( $data, $depth );
} catch ( Exception $e ) {
return false;
}
return call_user_func_array( 'json_encode', $args );
}
/**
* @ignore
*/
function _wp_json_sanity_check( $data, $depth ) {
if ( $depth < 0 ) {
throw new Exception( 'Reached depth limit' );
}
if ( is_array( $data ) ) {
$output = array();
foreach ( $data as $id => $el ) {
// Don't forget to sanitize the ID!
if ( is_string( $id ) ) {
$clean_id = _wp_json_convert_string( $id );
} else {
$clean_id = $id;
}
// Check the element type, so that we're only recursing if we really have to
if ( is_array( $el ) || is_object( $el ) ) {
$output[ $clean_id ] = _wp_json_sanity_check( $el, $depth - 1 );
} else if ( is_string( $el ) ) {
$output[ $clean_id ] = _wp_json_convert_string( $el );
} else {
$output[ $clean_id ] = $el;
}
}
} else if ( is_object( $data ) ) {
$output = new stdClass;
foreach ( $data as $id => $el ) {
if ( is_string( $id ) ) {
$clean_id = _wp_json_convert_string( $id );
} else {
$clean_id = $id;
}
if ( is_array( $el ) || is_object( $el ) ) {
$output->$clean_id = _wp_json_sanity_check( $el, $depth - 1 );
} else if ( is_string( $el ) ) {
$output->$clean_id = _wp_json_convert_string( $el );
} else {
$output->$clean_id = $el;
}
}
} else if ( is_string( $data ) ) {
return _wp_json_convert_string( $data );
} else {
return $data;
}
return $output;
}
/**
* @ignore
*/
function _wp_json_convert_string( $string ) {
static $use_mb = null;
if ( is_null( $use_mb ) ) {
$use_mb = function_exists( 'mb_convert_encoding' );
}
if ( $use_mb ) {
$encoding = mb_detect_encoding( $string, mb_detect_order(), true );
if ( $encoding ) {
return mb_convert_encoding( $string, 'UTF-8', $encoding );
} else {
return mb_convert_encoding( $string, 'UTF-8', 'UTF-8' );
}
} else {
return wp_check_invalid_utf8( $data, true );
}
}
/**
* Send a JSON response back to an Ajax request.
*
@ -2622,7 +2735,7 @@ function _scalar_wp_die_handler( $message = '' ) {
*/
function wp_send_json( $response ) {
@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
echo json_encode( $response );
echo wp_json_encode( $response );
if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
wp_die();
else

View File

@ -1398,7 +1398,7 @@ function wp_playlist_shortcode( $attr ) {
}
?></ol>
</noscript>
<script type="application/json" class="wp-playlist-script"><?php echo json_encode( $data ) ?></script>
<script type="application/json" class="wp-playlist-script"><?php echo wp_json_encode( $data ) ?></script>
</div>
<?php
return ob_get_clean();
@ -2582,7 +2582,7 @@ function wp_plupload_default_settings() {
'limitExceeded' => is_multisite() && ! is_upload_space_available()
);
$script = 'var _wpPluploadSettings = ' . json_encode( $settings ) . ';';
$script = 'var _wpPluploadSettings = ' . wp_json_encode( $settings ) . ';';
if ( $data )
$script = "$data\n$script";

View File

@ -1939,7 +1939,7 @@ function _wp_customize_loader_settings() {
),
);
$script = 'var _wpCustomizeLoaderSettings = ' . json_encode( $settings ) . ';';
$script = 'var _wpCustomizeLoaderSettings = ' . wp_json_encode( $settings ) . ';';
$data = $wp_scripts->get_data( 'customize-loader', 'data' );
if ( $data )

View File

@ -94,7 +94,7 @@ function wp_version_check( $extra_stats = array(), $force_check = false ) {
);
$post_body = array(
'translations' => json_encode( $translations ),
'translations' => wp_json_encode( $translations ),
);
if ( is_array( $extra_stats ) )
@ -274,16 +274,16 @@ function wp_update_plugins( $extra_stats = array() ) {
$options = array(
'timeout' => $timeout,
'body' => array(
'plugins' => json_encode( $to_send ),
'translations' => json_encode( $translations ),
'locale' => json_encode( $locales ),
'all' => json_encode( true ),
'plugins' => wp_json_encode( $to_send ),
'translations' => wp_json_encode( $translations ),
'locale' => wp_json_encode( $locales ),
'all' => wp_json_encode( true ),
),
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
);
if ( $extra_stats ) {
$options['body']['update_stats'] = json_encode( $extra_stats );
$options['body']['update_stats'] = wp_json_encode( $extra_stats );
}
$url = $http_url = 'http://api.wordpress.org/plugins/update-check/1.1/';
@ -437,15 +437,15 @@ function wp_update_themes( $extra_stats = array() ) {
$options = array(
'timeout' => $timeout,
'body' => array(
'themes' => json_encode( $request ),
'translations' => json_encode( $translations ),
'locale' => json_encode( $locales ),
'themes' => wp_json_encode( $request ),
'translations' => wp_json_encode( $translations ),
'locale' => wp_json_encode( $locales ),
),
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
);
if ( $extra_stats ) {
$options['body']['update_stats'] = json_encode( $extra_stats );
$options['body']['update_stats'] = wp_json_encode( $extra_stats );
}
$url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/';

View File

@ -529,4 +529,46 @@ class Tests_Functions extends WP_UnitTestCase {
$this->assertCount( 8, $urls );
$this->assertEquals( array_slice( $original_urls, 0, 8 ), $urls );
}
/**
* @ticket 28786
*/
function test_wp_json_encode() {
$this->assertEquals( wp_json_encode( 'a' ), '"a"' );
$this->assertEquals( wp_json_encode( '这' ), '"\u8fd9"' );
$old_charsets = $charsets = mb_detect_order();
if ( ! in_array( 'EUC-JP', $charsets ) ) {
$charsets[] = 'EUC-JP';
mb_detect_order( $charsets );
}
$eucjp = mb_convert_encoding( 'aあb', 'EUC-JP', 'UTF-8' );
$utf8 = mb_convert_encoding( $eucjp, 'UTF-8', 'EUC-JP' );
$this->assertEquals( 'aあb', $utf8 );
$this->assertEquals( wp_json_encode( $eucjp ), '"a\u3042b"' );
$this->assertEquals( wp_json_encode( array( 'a' ) ), '["a"]' );
$object = new stdClass;
$object->a = 'b';
$this->assertEquals( wp_json_encode( $object ), '{"a":"b"}' );
mb_detect_order( $old_charsets );
}
/**
* @ticket 28786
*/
function test_wp_json_encode_depth() {
$data = array( array( array( 1, 2, 3 ) ) );
$json = wp_json_encode( $data, 0, 1 );
$this->assertFalse( $json );
$data = array( 'あ', array( array( 1, 2, 3 ) ) );
$json = wp_json_encode( $data, 0, 1 );
$this->assertFalse( $json );
}
}