Customize: Safeguard a check on the `customize_validate_{$setting_id}` filter value to ensure it is a `WP_Error`.

While the filter is documented to only support a `WP_Error`, it has been a common practice to return true in a validation function if no errors have occurred. This was already caught when the same filter was executed in `WP_Customize_Setting`, it was however missing in `WP_Customize_Manager::validate_setting_values()`.

Props flixos90.

Merges [43578] to the 5.0 branch.
Fixes #44809.
Built from https://develop.svn.wordpress.org/branches/5.0@44392


git-svn-id: http://core.svn.wordpress.org/branches/5.0@44222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
desrosj 2019-01-04 20:30:45 +00:00
parent 34766cd6f8
commit e961742769
2 changed files with 2 additions and 2 deletions

View File

@ -2284,7 +2284,7 @@ final class WP_Customize_Manager {
if ( ! is_wp_error( $validity ) ) {
/** This filter is documented in wp-includes/class-wp-customize-setting.php */
$late_validity = apply_filters( "customize_validate_{$setting->id}", new WP_Error(), $unsanitized_value, $setting );
if ( ! empty( $late_validity->errors ) ) {
if ( is_wp_error( $late_validity ) && ! empty( $late_validity->errors ) ) {
$validity = $late_validity;
}
}

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.0.3-alpha-44390';
$wp_version = '5.0.3-alpha-44392';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.