Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-09-28 15:17:42 +02:00
Code Issues Projects Releases Wiki Activity

Bail on update_user_meta() when $object_id is non-numeric.

Browse Source 
Adds unit test.

Props jacklenox, wonderboymusic.
Fixes #28315.

Built from https://develop.svn.wordpress.org/trunk@29339


git-svn-id: http://core.svn.wordpress.org/trunk@29119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Scott Taylor 2014-08-01 17:10:15 +00:00
parent 23905f1616
commit 0d2a5c437e
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
wp-includes/meta.php
View File

@ -137,8 +137,9 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
if ( !$meta_type || !$meta_key )
return false;
if ( !$object_id = absint($object_id) )
if ( ! is_numeric( $object_id ) || ! $object_id = absint( $object_id ) ) {
return false;
}
if ( ! $table = _get_meta_table($meta_type) )
return false;