Changeset 46454 for trunk/src/wp-includes/formatting.php

Timestamp:

10/09/2019 05:34:20 PM (6 years ago)

Author:

kadamwhite

Message:

REST API: Do not addslash when receiving meta arrays of non-string values.

Slashing non-string data caused PUT requests containing unmodified meta arrays of integers to fail the check against the existing stored meta value, causing a 500 when posting an unmodified response body back to the server.

Props TimothyBlynJacobs, augustuswm.
Fixes #48264.

File:

• trunk/src/wp-includes/formatting.php (modified) (1 diff)

trunk/src/wp-includes/formatting.php

@@ -5408 +5408 @@
 
 /**
+ * Adds slashes to only string values in an array of values.
+ *
+ * This should be used when preparing data for core APIs that expect slashed data.
+ * This should not be used to escape data going directly into an SQL query.
+ *
+ * @since 5.3.0
+ *
+ * @param mixed $value Scalar or array of scalars.
+ * @return mixed Slashes $value
+ */
+function wp_slash_strings_only( $value ) {
+    return map_deep( $value, 'addslashes_strings_only' );
+}
+
+/**
+ * Adds slashes only if the provided value is a string.
+ *
+ * @since 5.3.0
+ *
+ * @param mixed $value
+ * @return mixed
+ */
+function addslashes_strings_only( $value ) {
+    return is_string( $value ) ? addslashes( $value ) : $value;
+}
+
+/**
  * Extract and return the first URL from passed content.
  *