
Changeset 50936


Timestamp:
05/20/2021 12:03:04 AM (4 years ago)
Author:
SergeyBiryukov
Message:

General: Ensure consistent type for integer properties of a bookmark object.

Previously, these properties could be unexpectedly converted to strings in some contexts.

This applies to the following function:

  • sanitize_bookmark_field()

and the following properties:

  • $bookmark::link_id
  • $bookmark::link_rating

Follow-up to [50935].

See #53235.

Location:
trunk
Files:
2 edited

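--- a/trunk/src/wp-includes/bookmark.php
+++ b/trunk/src/wp-includes/bookmark.php
@@ -392,14 +392,15 @@
  * @param mixed  $value       The bookmark field value.
  * @param int    $bookmark_id Bookmark ID.
- * @param string $context     How to filter the field value. Accepts 'raw', 'edit', 'attribute',
- *                            'js', 'db', or 'display'
+ * @param string $context     How to filter the field value. Accepts 'raw', 'edit', 'db',
+ *                            'display', 'attribute', or 'js'. Default 'display'.
  * @return mixed The filtered value.
  */
 function sanitize_bookmark_field( $field, $value, $bookmark_id, $context ) {
+    $int_fields = array( 'link_id', 'link_rating' );
+    if ( in_array( $field, $int_fields, true ) ) {
+        $value = (int) $value;
+    }
+
     switch ( $field ) {
-        case 'link_id': // ints
-        case 'link_rating':
-            $value = (int) $value;
-            break;
         case 'link_category': // array( ints )
             $value = array_map( 'absint', (array) $value );
@@ -446,4 +447,9 @@
     }
 
+    // Restore the type for integer fields after esc_attr().
+    if ( in_array( $field, $int_fields, true ) ) {
+        $value = (int) $value;
+    }
+
     return $value;
 }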
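Review bot: The updated docblock for `$context` now ends with `Default 'display'.`, but the unchanged signature `function sanitize_bookmark_field( $field, $value, $bookmark_id, $context )` declares no default, so the parameter is still required; either drop that phrase or give the parameter the default. The first `(int)` cast block before the `switch` also has no comment, while the second one does. A line such as `// Cast integer fields up front so contexts that return before the final cast still get an int.` would explain the duplication, assuming the lines hidden between the two hunks do return early for some contexts, which cannot be confirmed from here. The function body continues outside both hunks.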
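--- a/trunk/tests/phpunit/tests/bookmark/getBookmark.php
+++ b/trunk/tests/phpunit/tests/bookmark/getBookmark.php
@@ -342,4 +342,18 @@
 
     /**
+     * @ticket 53235
+     */
+    public function test_numeric_properties_should_be_cast_to_ints() {
+        $contexts = array( 'raw', 'edit', 'db', 'display', 'attribute', 'js' );
+
+        foreach ( $contexts as $context ) {
+            $bookmark = get_bookmark( self::$bookmark->link_id, OBJECT, $context );
+
+            $this->assertInternalType( 'int', $bookmark->link_id );
+            $this->assertInternalType( 'int', $bookmark->link_rating );
+        }
+    }
+
+    /**
      * Initialize the get_bookmark's function arguments to match the order of the function's signature and
      * reduce code in the tests.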
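Review bot: The two assertions inside the `foreach` in `test_numeric_properties_should_be_cast_to_ints()` carry no message, so a failure does not say which of the six contexts returned a non-integer. Passing the context as the third argument, e.g. `$this->assertInternalType( 'int', $bookmark->link_id, "link_id in '$context' context" );`, or moving the contexts into a data provider would make the failing case identifiable. `assertInternalType()` is also deprecated in newer PHPUnit releases in favour of `assertIsInt()`, which matters if this suite is expected to run on them. The enclosing test class starts outside this hunk.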