add_magic_quotes() fails on objects

[misterbisson]

objects passed to add_magic_quotes() are assumed to be strings and passed along to wpdb::escape(), causing PHP to die with the following error:

Catchable fatal error: Object of class stdClass could not be converted to string in /web/ven/wp-includes/wp-db.php on line 472

http://core.trac.wordpress.org/browser/trunk/wp-includes/functions.php

This probably wouldn't be a problem, but wp_update_user() blindly calls add_magic_quotes() on all user meta, some of which might be an object.

http://core.trac.wordpress.org/browser/trunk/wp-includes/registration.php

Can you add a dump of the object? It should normally get serialized before getting quoted.

Agreed, it _should_. It's not getting serialized because wp_update_user() doesn't bother:

// First, get all of the original fields
$user=get_userdata($ID);

// Escape data pulled from DB.
$user=add_magic_quotes(get_object_vars($user));

If $user contains an object somewhere, it gets blindly passed to add_magic_quotes().

wp_update_user() clearly needs a fix (thus #9640), but add_magic_quotes() also needs some bulletproofing.

I am having this problem when users try to update their passwords or when admin tries to update password or in fact any other user data. The users were "converted", ie: not created normally, but all other functioning seems fine.

Some converted users do not seem to have this problem. I would love a patch for this please as I have to reset their passwords manually and it is embarrassing that it does not work. Any ideas would be appreciated.

On any user update I get Catchable fatal error: Object of class stdClass could not be converted to string in /...../wp-includes/wp-db.php on line 429

patch added http://core.trac.wordpress.org/attachment/ticket/9640/9640.patch

please test that patch with this bug as well and report if you still get the error.

closing this one as a dup of #9640, since it's really the same issue.

Replying to hakre:

patch added http://core.trac.wordpress.org/attachment/ticket/9640/9640.patch please test that patch with this bug as well and report if you still get the error.

9640 did fix the problem, still intrigued as to why only happened with converted users - I checked thoroughly and same fields were populated in user and user-meta

I can imagine that converted users data was saved as object instead of array. when deserialized and passed to the function, errors were thrown.

I am having this problem with a WP 2.7.1 install and nobody knows what to do with it. I was considering a complete blog deletion and restoration. I have all the backups ready to go, but I was trying to avoid this.

I am not a techie and I am sorry if I have come to the wrong place but my error is almost the same one as posted above:

Catchable fatal error: Object of class PHP_Incomplete_Class could not be converted to string in /..../wp-includes/wp-db.php on line 429

This happens whenever I try to do most any admin function and I am experiencing strange fckeditor behaviors, (like question marks appearing for any place in a text that has two spaces together.

I have no idea what to do with a patch.

Please use #9640.