Bootstrap/Load: Make sure add_magic_quotes() does not inappropriately recast non-string data types to string.
Props donmhico, jrf, Veraxus, Rarst. Fixes #48605. git-svn-id: https://develop.svn.wordpress.org/trunk@48205 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
parent
5289a345cf
commit
e5e4f0d977
@ -1219,6 +1219,7 @@ function wp_removable_query_args() {
|
|||||||
* Walks the array while sanitizing the contents.
|
* Walks the array while sanitizing the contents.
|
||||||
*
|
*
|
||||||
* @since 0.71
|
* @since 0.71
|
||||||
|
* @since 5.5.0 Non-string values are left untouched.
|
||||||
*
|
*
|
||||||
* @param array $array Array to walk while sanitizing contents.
|
* @param array $array Array to walk while sanitizing contents.
|
||||||
* @return array Sanitized $array.
|
* @return array Sanitized $array.
|
||||||
@ -1227,10 +1228,13 @@ function add_magic_quotes( $array ) {
|
|||||||
foreach ( (array) $array as $k => $v ) {
|
foreach ( (array) $array as $k => $v ) {
|
||||||
if ( is_array( $v ) ) {
|
if ( is_array( $v ) ) {
|
||||||
$array[ $k ] = add_magic_quotes( $v );
|
$array[ $k ] = add_magic_quotes( $v );
|
||||||
|
} elseif ( ! is_string( $v ) ) {
|
||||||
|
continue;
|
||||||
} else {
|
} else {
|
||||||
$array[ $k ] = addslashes( $v );
|
$array[ $k ] = addslashes( $v );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $array;
|
return $array;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
64
tests/phpunit/tests/functions/addMagicQuotes.php
Normal file
64
tests/phpunit/tests/functions/addMagicQuotes.php
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @group formatting
|
||||||
|
* @group functions.php
|
||||||
|
*/
|
||||||
|
class Tests_Functions_AddMagicQuotes extends WP_UnitTestCase {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @ticket 48605
|
||||||
|
*
|
||||||
|
* @dataProvider data_add_magic_quotes
|
||||||
|
*
|
||||||
|
* @param array $test_array Test value.
|
||||||
|
* @param array $expected Expected return value.
|
||||||
|
*/
|
||||||
|
function test_add_magic_quotes( $test_array, $expected ) {
|
||||||
|
$this->assertSame( $expected, add_magic_quotes( $test_array ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Data provider for test_add_magic_quotes.
|
||||||
|
*
|
||||||
|
* @return array[] Test parameters {
|
||||||
|
* @type array $test_array Test value.
|
||||||
|
* @type array $expected Expected return value.
|
||||||
|
* }
|
||||||
|
*/
|
||||||
|
public function data_add_magic_quotes() {
|
||||||
|
return array(
|
||||||
|
array(
|
||||||
|
array(
|
||||||
|
'sample string',
|
||||||
|
52,
|
||||||
|
true,
|
||||||
|
false,
|
||||||
|
null,
|
||||||
|
"This is a 'string'",
|
||||||
|
array(
|
||||||
|
1,
|
||||||
|
false,
|
||||||
|
true,
|
||||||
|
'This is "another" string',
|
||||||
|
),
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'sample string',
|
||||||
|
52,
|
||||||
|
true,
|
||||||
|
false,
|
||||||
|
null,
|
||||||
|
"This is a \'string\'",
|
||||||
|
array(
|
||||||
|
1,
|
||||||
|
false,
|
||||||
|
true,
|
||||||
|
'This is \"another\" string',
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user