Make WordPress Core


Ignore:
Timestamp:
01/10/2019 09:05:50 PM (6 years ago)
Author:
flixos90
Message:

General: Fix problematic string to array parsing.

WordPress has historically often used code like preg_split( '/[\s,]+/', $var ) to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.

This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.

Props david.binda, sstoqnov.
Fixes #43977.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/functions.php

    r44506 r44546  
    38243824
    38253825/**
     3826 * Cleans up an array, comma- or space-separated list of scalar values.
     3827 *
     3828 * @since 5.1.0
     3829 *
     3830 * @param array|string $list List of values.
     3831 * @return array Sanitized array of values.
     3832 */
     3833function wp_parse_list( $list ) {
     3834    if ( ! is_array( $list ) ) {
     3835        return preg_split( '/[\s,]+/', $list, -1, PREG_SPLIT_NO_EMPTY );
     3836    }
     3837
     3838    return $list;
     3839}
     3840
     3841/**
    38263842 * Clean up an array, comma- or space-separated list of IDs.
    38273843 *
     
    38323848 */
    38333849function wp_parse_id_list( $list ) {
    3834     if ( ! is_array( $list ) ) {
    3835         $list = preg_split( '/[\s,]+/', $list );
    3836     }
     3850    $list = wp_parse_list( $list );
    38373851
    38383852    return array_unique( array_map( 'absint', $list ) );
     
    38483862 */
    38493863function wp_parse_slug_list( $list ) {
    3850     if ( ! is_array( $list ) ) {
    3851         $list = preg_split( '/[\s,]+/', $list );
    3852     }
    3853 
    3854     foreach ( $list as $key => $value ) {
    3855         $list[ $key ] = sanitize_title( $value );
    3856     }
    3857 
    3858     return array_unique( $list );
     3864    $list = wp_parse_list( $list );
     3865
     3866    return array_unique( array_map( 'sanitize_title', $list ) );
    38593867}
    38603868
Note: See TracChangeset for help on using the changeset viewer.