When saving the settings via the admin UI, the default value for any options not passed in the current `$_POST` request is set to `null` in `wp-admin/options.php`. Some options, e.g. `blog_public`, then rely on `null` being passed to `update_option()` to determine whether the value was changed or not.
This commit resolves a PHP 8.1 deprecation notice when saving the `gmt_offset` option without any changes:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
Includes a similar fix for the `blog_charset` option.
Follow-up to [4112], [4329], [5541], [21849].
Props adi3890, dhrupo, hrdelwar, hasanmisbah, oglekler, mukesh27, SergeyBiryukov.
Fixes#57728.
git-svn-id: https://develop.svn.wordpress.org/trunk@56132 602fd350-edb4-49c9-b593-d223f7449a82
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988], [56021].
See #58206.
git-svn-id: https://develop.svn.wordpress.org/trunk@56031 602fd350-edb4-49c9-b593-d223f7449a82
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988].
Props spacedmonkey.
See #58220.
git-svn-id: https://develop.svn.wordpress.org/trunk@56021 602fd350-edb4-49c9-b593-d223f7449a82
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).
WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.
This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.
This aims to make the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].
Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes#58220.
git-svn-id: https://develop.svn.wordpress.org/trunk@55990 602fd350-edb4-49c9-b593-d223f7449a82
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#58206.
git-svn-id: https://develop.svn.wordpress.org/trunk@55988 602fd350-edb4-49c9-b593-d223f7449a82
The `sprintf()` is not being passed any values, and there is no placeholder to replace.
This originated in r52132 in which I erroneously included this `sprintf()` in
two places. I fixed one of the cases in r52151 but I missed the other.
Follow-up to [52132], [52151].
Fixes#58436.
See #44632.
git-svn-id: https://develop.svn.wordpress.org/trunk@55875 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adds support for schwa character. Ə (U+018F) and ə (U+0259) are part of Latin Extended-B and used in
several languages like Azerbaijani or also in gender neutral Italian.
Props suleymankenar, audrasjb, przemekhernik.
Fixes#57609.
git-svn-id: https://develop.svn.wordpress.org/trunk@55858 602fd350-edb4-49c9-b593-d223f7449a82
The `wp_filter_content_tags()` function, which modifies image tags for example to optimize performance, is hooked into the `the_content` filter by default. When rendering an excerpt for a post that doesn't have a manually provided excerpt, the post content is used to generate the excerpt, handled by the `wp_trim_excerpt()` function.
Prior to this changeset, this led to `wp_filter_content_tags()` being called on the content when generating the excerpt, which is wasteful as all tags are stripped from the excerpt, and it furthermore could result in a lazy-loading bug when the post content contained images, as those images were being counted even though they would never be rendered as part of the excerpt.
This changeset fixes the bug and slightly improves performance for generating an excerpt by temporarily unhooking the `wp_filter_content_tags()` function from the `the_content` filter when using it to generate the excerpt.
Props costdev, flixos90, joemcgill, mukesh27, salvoaranzulla, spacedmonkey, thekt12, westonruter.
Fixes#56588.
git-svn-id: https://develop.svn.wordpress.org/trunk@55850 602fd350-edb4-49c9-b593-d223f7449a82
Introduce the `sanitize_locale_name()` for sanitizing user input of locales.
Props xknown, timothyblynjacobs, ocean90, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/trunk@55760 602fd350-edb4-49c9-b593-d223f7449a82
This resolves a WPCS warning:
{{{
Variable "$myHTML" is not in valid snake_case format, try "$my_h_t_m_l"
}}}
It also matches other formatting functions with the `$text` parameter, e.g. `esc_html()`, `ent2ncr()`, etc.
Follow-up to [1727], [3717], [8662], [8743], [54927].
Props victoranto, audrasjb, jrf.
Fixes#58129.
git-svn-id: https://develop.svn.wordpress.org/trunk@55651 602fd350-edb4-49c9-b593-d223f7449a82
Includes documenting data provider values using hash notation in the tests for:
* `convert_smilies()`
* `get_url_in_content()`
* `links_add_target()`
* `normalize_whitespace()`
Follow-up to [26191], [26327], [26328], [26972], [55562].
See #57841.
git-svn-id: https://develop.svn.wordpress.org/trunk@55563 602fd350-edb4-49c9-b593-d223f7449a82
After the introduction of `_make_clickable_rel_attr()` in an earlier commit, the function ended up returning link markup with a mix of single and double quotes.
This commit ensures that `_make_web_ftp_clickable_cb()` always returns double quotes, restoring consistency with other similar callback functions used by `make_clickable()`:
* `_make_url_clickable_cb()`
* `_make_email_clickable_cb()`
Follow-up to [55289].
See #53290, #56444.
git-svn-id: https://develop.svn.wordpress.org/trunk@55495 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces various HelpHub links that have changed to avoid extra 301 redirections.
Props sabernhardt, audrasjb.
See #57726.
git-svn-id: https://develop.svn.wordpress.org/trunk@55414 602fd350-edb4-49c9-b593-d223f7449a82
This aims to clarify a few inline comments related to removing percent-encoded characters and HTML entities.
Affected functions:
* `sanitize_user()`
* `sanitize_title_with_dashes()`
* `sanitize_html_class()`
* `_sanitize_text_fields()`
* `get_comments_number_text()`
Follow-up to [465], [3454], [11433], [12503], [37987].
Props ace100, tanjimtc71, codemonksuvro, SergeyBiryukov.
Fixes#57712.
git-svn-id: https://develop.svn.wordpress.org/trunk@55346 602fd350-edb4-49c9-b593-d223f7449a82
Internal links should be followed and it should be easier to modify other rel attributes on comments. This adds a helper function for determining if a URL is internal and also adds some new filters to make it easy to modify rel attributes in comments.
Props thomasplevy, desrosj, sabernhardt, benish74, samiamnot, galbaras, jorbin.
Fixes#53290, #56444.
git-svn-id: https://develop.svn.wordpress.org/trunk@55289 602fd350-edb4-49c9-b593-d223f7449a82
This changesets adds a `word_count_type` property, so that it does not need to be translated separately across multiple projects.
List of changes:
- New property: `WP_Locale::word_count_type`.
- New method: `WP_Locale::get_word_count_type()`.
- New function: `wp_get_word_count_type()` as a wrapper for `WP_Locale::get_word_count_type()`.
- All `_x( 'words', 'Word count type. Do not translate!' )` strings have been replaced with a call to `wp_get_word_count_type()`.
Props pedromendonca, desrosj, costdev, mukesh27, johnbillion.
Fixes#56698.
git-svn-id: https://develop.svn.wordpress.org/trunk@55279 602fd350-edb4-49c9-b593-d223f7449a82
The `math` element can be displayed either as a block or inline element. If `wpautop` only treats it as an inline element, it will break multiline elements by inserting `br` elements. Treating the element as a block element means that the editor won't break common normative usages of the `math` element.
Prevent `math` elements from having internal elements split up with `br` elements, disrupting formatting.
Props nicholaswilson, wojtek.szkutnik, hakre, conner_bw, ericlewis, hughie.molloy, SteelWagstaff, ryokuhi, joedolson, bgoewert, adamsilverstein, joedolson.
Fixes#13340.
git-svn-id: https://develop.svn.wordpress.org/trunk@55272 602fd350-edb4-49c9-b593-d223f7449a82
Check the input of `wp_strip_all_tags()` before passing it to `strip_tags()`. This protects against fatal errors introduced in PHP 8, retaining the `E_USER_WARNING` from PHP 7, and prevents a PHP 8.1 deprecation notice when passing null.
Props chocofc1, costdev, jrf, dd32, audrasjb, peterwilsoncc.
Fixes#56434.
git-svn-id: https://develop.svn.wordpress.org/trunk@55245 602fd350-edb4-49c9-b593-d223f7449a82
On some servers, consecutive periods in a filename can cause a 403 Forbidden response.
This changeset replaces consecutive periods with a single period, and adds related unit tests.
Props ArtZ91, costdev, SergeyBiryukov, arthurshlain, mukesh27.
Fixes#57242.
git-svn-id: https://develop.svn.wordpress.org/trunk@55209 602fd350-edb4-49c9-b593-d223f7449a82
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit renames the `$class` parameter to `$classname` in `sanitize_html_class()`.
Follow-up to [54927].
See also: [search:?q=code+modernization+rename+parameters+that+use+reserved+keywords&changeset=on equivalent commits for other files].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
git-svn-id: https://develop.svn.wordpress.org/trunk@55162 602fd350-edb4-49c9-b593-d223f7449a82
This changeset updates the use of "-ise" suffix to American English "-ize" in various files.
Follow-up to [54663], [54664], [55043], [55044].
Props kebbet, mukesh27.
See #56811, #56792.
git-svn-id: https://develop.svn.wordpress.org/trunk@55051 602fd350-edb4-49c9-b593-d223f7449a82
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$echo` parameter to `$display` in:
* `wp_nonce_field()`
* `wp_referer_field()`
* `wp_original_referer_field()`
* Renames the `$string` parameter to `$input_string` in
* `_wp_json_convert_string()`
* `_wp_to_kebab_case()`
* Renames the `$list` parameter to `$input_list` in:
* `wp_parse_list()`
* `wp_parse_id_list()`
* `wp_parse_slug_list()`
* `wp_filter_object_list()`
* `wp_list_filter()`
* `wp_list_pluck()`
* `wp_list_sort()`
* Renames the `$array` parameter to `$input_array` in:
* `add_magic_quotes()`
* `wp_array_slice_assoc()`
* `_wp_array_get()`
* `_wp_array_set()`
* Renames the `$function` parameter to `$function_name` in:
* `_deprecated_function()`
* `_deprecated_argument()`
* `_doing_it_wrong()`
* Renames the `$class` parameter to `$class_name` in `_deprecated_constructor()`.
* Renames the `$default` parameter to `$default_value` in `apache_mod_loaded()`.
* Renames the `$var` parameter to `$value` in `wp_validate_boolean()`.
* Amends the `$input` parameter in `wp_parse_str()` for consistency.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
git-svn-id: https://develop.svn.wordpress.org/trunk@54929 602fd350-edb4-49c9-b593-d223f7449a82
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$string` parameter to `$text` in:
* `_wp_specialchars()`
* `wp_specialchars_decode()`
* `wp_check_invalid_utf8()`
* `remove_accents()`
* `_split_str_by_whitespace()`
* `wp_strip_all_tags()`
* Renames the `$string` parameter to `$value` in:
* `backslashit()`
* `trailingslashit()`
* `untrailingslashit()`
* Renames the `$string` parameter to `$subject` in `wp_iso_descrambler()`.
* Renames the `$match` parameter to `$matches` in `_wp_iso_convert()`.
* Renames the `$string` parameter to `$date_string` in:
* `get_gmt_from_date()`
* `get_date_from_gmt()`
* Renames the `$string` parameter to`$input` in `wp_parse_str()`.
* Renames the `$string` parameter to `$content` in `wp_pre_kses_block_attributes()`.
* Amends the `$text` parameter in `wp_pre_kses_less_than()` for consistency.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
git-svn-id: https://develop.svn.wordpress.org/trunk@54927 602fd350-edb4-49c9-b593-d223f7449a82
This applies to:
* `normalizer_is_normalized()`
* `normalizer_normalize()`
Includes removing the `Normalizer::FORM_C` constant as a parameter, since it is the default value for both functions and does not need to be explicitly passed. This avoids a fatal error if a plugin includes polyfill for any of the functions but the `Normalizer` class has a different namespace, for example when using the Symfony polyfill.
Follow-up to [53754].
Props hellofromTonya, costdev, desrosj, mukesh27, zodiac1978, jchambo, gisgeo, SergeyBiryukov.
Fixes#56980.
git-svn-id: https://develop.svn.wordpress.org/trunk@54813 602fd350-edb4-49c9-b593-d223f7449a82
This changeset fixes a potential fatal error, for example when "Max upload file size" setting is set to an empty value. It also adds unit tests for `upload_size_limit_filter`.
Props mjkhajeh, bhrugesh12, SergeyBiryukov, kebbet, audrasjb, felipeelia.
Fixes#55926.
git-svn-id: https://develop.svn.wordpress.org/trunk@54482 602fd350-edb4-49c9-b593-d223f7449a82
This changeset prevents object replacement characters – UTF-8 `%ef%bf%bc`, used as a placeholder in text for an otherwise unspecified object – from being added to slugs.
Props cantuaria, costdev, audrasjb, SergeyBiryukov, archon810, maciejmackowiak, BaneD, markparnell, ironprogrammer, dmsnell, nikkigagency, webprom.
Fixes#55117.
git-svn-id: https://develop.svn.wordpress.org/trunk@54474 602fd350-edb4-49c9-b593-d223f7449a82
The current coding standards note that the name of the class files should be based on the class name with `class-` prepended, and the underscores replaced by hyphens (see the [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#naming-conventions Naming Conventions] section in the handbook), except for the three legacy files: `class.wp-dependencies.php`, `class.wp-scripts.php`, `class.wp-styles.php`.
To bring more consistency to the codebase and make it easier to implement autoloading in the future, this commit renames those three legacy files to conform to the coding standards:
* `wp-includes/class.wp-dependencies.php` → `wp-includes/class-wp-dependencies.php`
* `wp-includes/class.wp-scripts.php` → `wp-includes/class-wp-scripts.php`
* `wp-includes/class.wp-styles.php` → `wp-includes/class-wp-styles.php`
Includes:
* Loading the new files from the old ones, for anyone that may have been including the files directly.
* Replacing references to the old filenames with the new filenames.
Follow-up to [7970], [45654], [45662], [45663], [45678], [47197], [52026], [53749].
Props afragen, schlessera, swissspidy, dingo_d, hellofromTonya, SergeyBiryukov.
Fixes#37861. See #55647.
git-svn-id: https://develop.svn.wordpress.org/trunk@54254 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a bug where if the `timezone_string` is set to a timezone name which has since been deprecated, the option value would be “lost” when saving the value again, as the comparison being done to verify whether it is a valid timezone name would only take “current” timezone names into account and would invalidate deprecated timezone names.
By passing the `DateTimeZone::ALL_WITH_BC` constant as the `$timezoneGroup` parameter to the PHP native `timezone_identifiers_list()` function, a timezone name list is retrieved containing both current and deprecated timezone names, preventing the invalidation of the option value.
See the extensive write-up about this in ticket #56468.
Also see: [https://www.php.net/manual/en/datetimezone.listidentifiers.php PHP Manual: timezone_identifiers_list()].
Includes adding a dedicated test to the data provider used in the `Tests_Option_SanitizeOption` test class.
Note: The new data set is ''named'', even though the other data sets are unnamed, to make sure it is clear what this data set is testing. Adding test names for the original data sets in this data provider would be a great future improvement, but is outside of the scope of this commit.
Follow-up to [18323], [33119], [54207], [54217], [54227].
Props jrf, costdev.
See #56468.
git-svn-id: https://develop.svn.wordpress.org/trunk@54229 602fd350-edb4-49c9-b593-d223f7449a82
- Usage of `get_magic_quotes_gpc()` was removed from `addslashes_gpc()` in [46105] / #47783.
- A similar description fragment was removed from `wp_parse_str()` in that changeset, but this one was missed.
- The `get_magic_quotes_gpc()` function itself was deprecated in PHP 7.4 and removed in PHP 8.0.
Props mitweka, audrasjb, SergeyBiryukov.
Fixes#56233.
See #55646.
git-svn-id: https://develop.svn.wordpress.org/trunk@53776 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adds Unicode sequence normalization from NFD to NFC, via the `normalizer_normalize()` PHP function which is available with the recommended `intl` PHP extension.
This fixes an issue where NFD characters were not properly sanitized. It also provides a unit test for NFD sequences (alternate Unicode representations of the same characters).
Props NumidWasNotAvailable, targz, nacin, nunomorgadinho, p_enrique, gitlost, SergeyBiryukov, markoheijnen, mikeschroder, ocean90, pento, helen, rodrigosevero, zodiac1978, ironprogrammer, audrasjb, azaozz, laboiteare, nuryko, virgar, dxd5001, onnimonni, johnbillion.
Fixes#24661, #47763, #35951.
See #30130, #52654.
git-svn-id: https://develop.svn.wordpress.org/trunk@53754 602fd350-edb4-49c9-b593-d223f7449a82
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
A general security rule is "Sanitize when you save, escape when you echo".
In WordPress 5.9, `sanitize_url()` was un-deprecated in order to better align with the naming of other sanitizing functions, while still being an alias for `esc_url_raw()`.
This commit reverses the order and turns `esc_url_raw()` into a wrapper for `sanitize_url()`, making the latter the canonical function call and aiming to improve performance by reducing the number of function calls required when using the recommended technique.
Follow-up to [11383], [13096], [51597].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
See #55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53452 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces a link to the outdated W3C specs on Custom Elements with a link to the corresponding WhatWG specification.
See #54729.
git-svn-id: https://develop.svn.wordpress.org/trunk@53204 602fd350-edb4-49c9-b593-d223f7449a82
This version introduces support for the latest Emoji added in Emoji 14.
"Insert witty comment newly supported emoji."
Props kraftbj, desrosj, dd32, milana_cap.
Fixes#55395.
git-svn-id: https://develop.svn.wordpress.org/trunk@53150 602fd350-edb4-49c9-b593-d223f7449a82
This change improves the `esc_xml()` function by replacing two `empty()` checks with `isset()` to cover values that are not equal to `''` but still returning `true` when checked with `empty()`, like `'0'`, `0` or `false`. It also updates the related unit tests accordingly.
Props rumpel2116, pbiron.
Fixes#55399.
git-svn-id: https://develop.svn.wordpress.org/trunk@53144 602fd350-edb4-49c9-b593-d223f7449a82
This aims to clarify the list of characters that are stripped from URLs or converted to a hyphen.
Follow-up to [51984].
See #47912, #54729.
git-svn-id: https://develop.svn.wordpress.org/trunk@52821 602fd350-edb4-49c9-b593-d223f7449a82
This highlights the fact that `remove_accents()` is locale-aware and makes it easier to utilize the function with different locales without having to use `switch_to_locale()` or the `locale` filter.
Additionally, this commit relaxes the check for character replacements in German locales to include formal and informal variants of any `de_*` locale, even if WordPress does not have a native translation for some of them yet.
Props malthert, johnbillion, knutsp, ocean90, SergeyBiryukov.
Fixes#54415.
git-svn-id: https://develop.svn.wordpress.org/trunk@52809 602fd350-edb4-49c9-b593-d223f7449a82
The developer facing humor in these functions were from a different era of WordPress. Tolerance for in-jokes and other developer facing humor has decreased over the years. Terms like "pee" and "tinkle" may make some folks chuckle while for others it makes them uncomfortable.
Terminology of the past is being (or has been) re-evaluated to transform words into a language that are inclusive and welcome for all. This commit is part of that effort as it replaces.
Follow-up [13], [9255].
Props ricomoorman, tzipporahwitty, ironprogrammer, peterwilsoncc, jeremyfelt, Viper007Bond, rmccue, SergeyBiryukov, hellofromTonya.
Fixes#25615.
git-svn-id: https://develop.svn.wordpress.org/trunk@52789 602fd350-edb4-49c9-b593-d223f7449a82
This is a follow-up to [52292] which introduced `is_string()` to check the given key is a string to be sanitized, else the key is set to an empty string.
`sanitize_key()` is clearly identified (in the documentation) to only work with ''string'' keys. However, it had a bug in it that allowed non-strings to pass through it:
* A non-scalar "key" would throw a PHP Warning (which was resolved in [52292].
* A non-string scalar "key" was handled by the PHP native `strtolower()` which converted it into a string.
While `is_string()` is valid, non-string scalar types passed as the key to be sanitized were being set to an empty string. Given that `strtolower()` handles these without error or deprecation as of PHP 8.1, `is_scalar()` protects the website from issues while retaining the past behavior of converting integer keys (for example) into a string.
Changes include:
* Using `is_scalar()` instead of `is_string()`
* Refactor for readability and less code
* More tests
Please note, this does not change the behavior of the function, nor redefine it to now accept non-string scalars.
References:
* https://developer.wordpress.org/reference/functions/sanitize_key/
* https://www.php.net/manual/en/function.strtolower.php
Follow-up [52292].
Props wppunk, hellofromTonya, costdev, jrf.
Fixes#54160.
git-svn-id: https://develop.svn.wordpress.org/trunk@52370 602fd350-edb4-49c9-b593-d223f7449a82
