| | 3263 | * Sanitizes metadata extracted from media files. |
| | 3264 | * |
| | 3265 | * Currently only binary strings are sanitized with focus on preventing propagation of |
| | 3266 | * bad character encodings from causing database calls and API endpoints to fail. |
| | 3267 | * |
| | 3268 | * @param array $metadata An existing array with data |
| | 3269 | * |
| | 3270 | * @return array Returns array of sanitized metadata. |
| | 3271 | */ |
| | 3272 | function wp_sanitize_media_metadata( $metadata ) { |
| | 3273 | if ( ! is_array( $metadata ) ) { |
| | 3274 | return $metadata; |
| | 3275 | } |
| | 3276 | foreach ( $metadata as $name => $value ) { |
| | 3277 | if ( ! is_string( $value ) ) { |
| | 3278 | continue; |
| | 3279 | } |
| | 3280 | if ( is_array( $value ) ) { |
| | 3281 | $value = wp_sanitize_media_metadata( $value ); |
| | 3282 | } elseif ( is_string( $value ) && preg_match('~[^\x20-\x7E\t\r\n]~', $value ) > 0 ) { |
| | 3283 | $encoding = mb_detect_encoding( $value, 'ISO-8859-1, UCS-2' ); |
| | 3284 | $value = $encoding ? mb_convert_encoding( $value, 'UTF-8', $encoding ) : utf8_encode( $value ); |
| | 3285 | } |
| | 3286 | $metadata[$name] = $value; |
| | 3287 | } |
| | 3288 | return $metadata; |
| | 3289 | } |
| | 3290 | |
| | 3291 | /** |