From e4bc49c244e36a4a0abb1385e14c213a4674cce1 Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Thu, 22 May 2014 18:34:15 +0000 Subject: [PATCH] Because PHP can be configured without `--filter`, it is not 100% safe to use `filter_var()`. This is problematic for casting `"false"` to `false`, as PHP always casts it to `true`. `FILTER_VALIDATE_BOOLEAN` fixes this, but it may not be available. Add a new function, `wp_validate_boolean()`, to replace `filter_var( $var, FILTER_VALIDATE_BOOLEAN )`. Fixes #28170. Built from https://develop.svn.wordpress.org/trunk@28542 git-svn-id: http://core.svn.wordpress.org/trunk@28368 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/functions.php | 20 ++++++++++++++++++++ wp-includes/media.php | 8 ++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/wp-includes/functions.php b/wp-includes/functions.php index f98a3f8b5f..94e99d1ae6 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -4445,3 +4445,23 @@ function mbstring_binary_safe_encoding( $reset = false ) { function reset_mbstring_encoding() { mbstring_binary_safe_encoding( true ); } + +/** + * Alternative to filter_var( $var, FILTER_VALIDATE_BOOLEAN ) + * + * @since 4.0.0 + * + * @param mixed $var + * @return boolean + */ +function wp_validate_boolean( $var ) { + if ( is_bool( $var ) ) { + return $var; + } + + if ( 'false' === $var ) { + return false; + } + + return (bool) $var; +} \ No newline at end of file diff --git a/wp-includes/media.php b/wp-includes/media.php index 135ee95caa..364817712f 100644 --- a/wp-includes/media.php +++ b/wp-includes/media.php @@ -1272,10 +1272,10 @@ function wp_playlist_shortcode( $attr ) { $data = array( 'type' => $atts['type'], // don't pass strings to JSON, will be truthy in JS - 'tracklist' => filter_var( $atts['tracklist'], FILTER_VALIDATE_BOOLEAN ), - 'tracknumbers' => filter_var( $atts['tracknumbers'], FILTER_VALIDATE_BOOLEAN ), - 'images' => filter_var( $atts['images'], FILTER_VALIDATE_BOOLEAN ), - 'artists' => filter_var( $atts['artists'], FILTER_VALIDATE_BOOLEAN ), + 'tracklist' => wp_validate_boolean( $atts['tracklist'] ), + 'tracknumbers' => wp_validate_boolean( $atts['tracknumbers'] ), + 'images' => wp_validate_boolean( $atts['images'] ), + 'artists' => wp_validate_boolean( $atts['artists'] ), ); $tracks = array();