From 604b273c0f8e6ea7d304c7602ec6742bf48ccad6 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov <sergeybiryukov.ru@gmail.com> Date: Thu, 27 Aug 2020 02:48:06 +0000 Subject: [PATCH] Taxonomy: Make sure `wp_terms_checklist()` and `Walker_Category_Checklist::start_el()` properly handle an array of strings as `selected_cats` or `popular_cats` values. Even with these values documented as an array of integers, they can technically also accept an array of strings, e.g. as form results. Add a unit test. Props brianhogg, TimothyBlynJacobs, SergeyBiryukov. Fixes #51137. Built from https://develop.svn.wordpress.org/trunk@48880 git-svn-id: http://core.svn.wordpress.org/trunk@48642 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/class-walker-category-checklist.php | 4 ++-- wp-admin/includes/template.php | 4 ++-- wp-includes/version.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/wp-admin/includes/class-walker-category-checklist.php b/wp-admin/includes/class-walker-category-checklist.php index f4d3fbed36..4c6cc9ef31 100644 --- a/wp-admin/includes/class-walker-category-checklist.php +++ b/wp-admin/includes/class-walker-category-checklist.php @@ -81,11 +81,11 @@ class Walker_Category_Checklist extends Walker { $name = 'tax_input[' . $taxonomy . ']'; } - $args['popular_cats'] = empty( $args['popular_cats'] ) ? array() : $args['popular_cats']; + $args['popular_cats'] = ! empty( $args['popular_cats'] ) ? array_map( 'intval', $args['popular_cats'] ) : array(); $class = in_array( $category->term_id, $args['popular_cats'], true ) ? ' class="popular-category"' : ''; - $args['selected_cats'] = empty( $args['selected_cats'] ) ? array() : $args['selected_cats']; + $args['selected_cats'] = ! empty( $args['selected_cats'] ) ? array_map( 'intval', $args['selected_cats'] ) : array(); if ( ! empty( $args['list_only'] ) ) { $aria_checked = 'false'; diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php index d77d2104da..ad87a89521 100644 --- a/wp-admin/includes/template.php +++ b/wp-admin/includes/template.php @@ -120,7 +120,7 @@ function wp_terms_checklist( $post_id = 0, $args = array() ) { $args['list_only'] = ! empty( $parsed_args['list_only'] ); if ( is_array( $parsed_args['selected_cats'] ) ) { - $args['selected_cats'] = $parsed_args['selected_cats']; + $args['selected_cats'] = array_map( 'intval', $parsed_args['selected_cats'] ); } elseif ( $post_id ) { $args['selected_cats'] = wp_get_object_terms( $post_id, $taxonomy, array_merge( $args, array( 'fields' => 'ids' ) ) ); } else { @@ -128,7 +128,7 @@ function wp_terms_checklist( $post_id = 0, $args = array() ) { } if ( is_array( $parsed_args['popular_cats'] ) ) { - $args['popular_cats'] = $parsed_args['popular_cats']; + $args['popular_cats'] = array_map( 'intval', $parsed_args['popular_cats'] ); } else { $args['popular_cats'] = get_terms( array( diff --git a/wp-includes/version.php b/wp-includes/version.php index d7b2cb2d4d..7a2fe6daca 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -13,7 +13,7 @@ * * @global string $wp_version */ -$wp_version = '5.6-alpha-48878'; +$wp_version = '5.6-alpha-48880'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.