WordPress Import broken by maybe_serialze
|Reported by:||shawnparker||Owned by:|
The function maybe_serialize breaks the WordPress Import Plugin. Any serialized post_meta data that is sent over the importer is double serialized by the maybe_serialize function. The root of the problem is that within maybe_serialize there is an explicit check to see if the data is already serialized and if it is, the data is double serialized. This logic is confusing to me.
Fixing maybe_serialize or changing the way the importer imports data is what is needed. Some might think that unserializing the data in the importer is the way to go but it is not. If a plugin is not installed at the time of import and the serialized data is a custom object that requires a class provided by a plugin then the data will be destroyed.
So I guess it boils down to a question of why does maybe_serialize explicitly double serialize data. Is there a valid use case for this? I've seen the tickets for when maybe_unserialize did an is_scalar() check but that broke plugins that were "doing it wrong". Now I'm "doing it right" and breaking. I've noticed that some imported WordPress data is double serialized as well (when that data is not explicitly excluded from import by the importer) which I'm curious about the implications elsewhere.
I think a patch for this would be pretty simple.
Change History (7)
- Component changed from General to Import
- Keywords import maybe_serialize removed
- Severity changed from blocker to normal