WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

REST API: Slash existing meta values when comparing with incoming meta upates. 

When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.

props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs, kadamwhite.

Merges [43740] to trunk.

Fixes #42069.
Built from https://develop.svn.wordpress.org/trunk@44113


git-svn-id: http://core.svn.wordpress.org/trunk@43943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
desrosj 2018-12-13 16:30:37 +00:00
parent 8614d14887
commit 4e57c6f941
2 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
View File

@ -317,19 +317,17 @@ abstract class WP_REST_Meta_Fields {
); );
} }
$meta_key = wp_slash( $meta_key );
$meta_value = wp_slash( $value );
// Do the exact same check for a duplicate value as in update_metadata() to avoid update_metadata() returning false. // Do the exact same check for a duplicate value as in update_metadata() to avoid update_metadata() returning false.
$old_value = get_metadata( $meta_type, $object_id, $meta_key ); $old_value = get_metadata( $meta_type, $object_id, $meta_key );
$subtype = get_object_subtype( $meta_type, $object_id );
if ( 1 === count( $old_value ) ) { if ( 1 === count( $old_value ) ) {
if ( $old_value[0] === $meta_value ) { if ( (string) sanitize_meta( $meta_key, $value, $meta_type, $subtype ) === $old_value[0] ) {
return true; return true;
} }
} }
if ( ! update_metadata( $meta_type, $object_id, $meta_key, $meta_value ) ) { if ( ! update_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) {
return new WP_Error( return new WP_Error(
'rest_meta_database_error', 'rest_meta_database_error',
__( 'Could not update meta value in database.' ), __( 'Could not update meta value in database.' ),

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '5.1-alpha-44112'; $wp_version = '5.1-alpha-44113';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.