WordPress.org

Make WordPress Core

Ticket #16504: 16504.patch

File 16504.patch, 1.7 KB (added by hakre, 7 years ago)

introducing is_serialized_maybe

  • wp-includes/functions.php

    ### Eclipse Workspace Patch 1.0
    #P wordpress
     
    228228 * @return mixed Unserialized data can be any type.
    229229 */
    230230function maybe_unserialize( $original ) {
    231         if ( is_serialized( $original ) ) // don't attempt to unserialize data that wasn't serialized going in
     231        if ( is_serialized_maybe( $original ) ) // don't attempt to unserialize data that wasn't serialized going in
    232232                return @unserialize( $original );
    233233        return $original;
    234234}
     
    275275        return false;
    276276}
    277277
     278
    278279/**
     280 * Check if parameter is serialized of maybe serialized data.
     281 *
     282 * Will always return true if $data was serialized by maybe_serialize:
     283 *   $return = is_serialized_maybe( maybe_serialize( $data ) );
     284 * And it will always return false if not.
     285 *
     286 * @see maybe_serialize()
     287 *
     288 * @since 3.x.x
     289 *
     290 * @param mixed $data Data that might would have been serialized.
     291 * @return bool
     292 */
     293function is_serialized_maybe( $data ) {
     294        static $mapStart = array( 's'=>1, 'a'=>1, 'O'=>1 );
     295        if ( ! is_string( $data ) )
     296                return false;
     297        $length = strlen( $data );
     298        if ( $length < 4 )
     299                return false;
     300        $token = $data[0];
     301        if ( !isset($mapStart[$token]) )
     302                return false;           
     303        if ( ':' !== $data[1] )
     304                return false;
     305        $lastc = $data[$length-1];
     306        if ( ';' !== $lastc && '}' !== $lastc )
     307                return false;
     308        if ( 's' === $token )
     309                return (bool) '"' !== $data[$length-2];
     310        return (bool) preg_match( "/^{$token}:[0-9]+:/s", $data );
     311}
     312
     313/**
    279314 * Check whether serialized data is of string type.
    280315 *
    281316 * @since 2.0.5