Make WordPress Core

Opened 8 months ago

Last modified 5 months ago

#42195 new defect (bug)

wp_slash() is lossy

Reported by: johnbillion Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Formatting Keywords: needs-patch dev-feedback has-unit-tests
Focuses: Cc:


Calling wp_slash() converts all values to strings, causing data loss for integers, floats, and booleans.


wp_slash( 123 ); // '123'
wp_slash( 123.4 ); // '123.4'

The above results in the values being cast to strings.

Booleans are cast to strings too, with a value of '1' or an empty string:

wp_slash( true ); // '1'
wp_slash( false ); // ''

This causes particular problems for delete_metadata() when passing a meta value, because the meta value is slashed before being serialized in order to perform the SQL lookup for matching rows, causing the lookup to fail.

Attachments (1)

42195-unit-tests.diff (1.0 KB) - added by andizer 5 months ago.
Unit tests

Download all attachments as: .zip

Change History (4)

5 months ago

Unit tests

#2 @andizer
5 months ago

  • Keywords has-unit-tests added; needs-unit-tests removed

#3 @jrf
5 months ago

Anyone any feedback on the question I pose here: https://core.trac.wordpress.org/ticket/24106#comment:12 ?

Note: See TracTickets for help on using tickets.