vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2025-10-16 12:05:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add strict check in wp_xmlrpc_server::set_custom_fields(). The slash strip ensures these values are the same data type, but it might not be that way forever. props xknown.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@24521 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2013-06-27 02:46:23 +00:00
parent ac0d0d1dee
commit 0d3ca6acdd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/class-wp-xmlrpc-server.php
View File

@ -281,7 +281,7 @@ class wp_xmlrpc_server extends IXR_Server {
$pmeta = get_metadata_by_mid( 'post', $meta['id'] );
if ( isset($meta['key']) ) {
$meta['key'] = wp_unslash( $meta['key'] );
if ( $meta['key'] != $pmeta->meta_key )
if ( $meta['key'] !== $pmeta->meta_key )
continue;
$meta['value'] = wp_unslash( $meta['value'] );
if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) )