From e41e38183dce4f25e017f17cc7e974d96fe865af Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Sat, 1 Nov 2014 22:17:22 +0000 Subject: [PATCH] In `customize.php`, check that `$autofocus` is an `array` after running `wp_unslash()` instead of before. This is admittedly to skip a traversable hint in Scrutinizer. See #30224. Built from https://develop.svn.wordpress.org/trunk@30164 git-svn-id: http://core.svn.wordpress.org/trunk@30164 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/customize.php | 10 ++++++---- wp-includes/version.php | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/wp-admin/customize.php b/wp-admin/customize.php index 50ee0ad111..1f85ec6c75 100644 --- a/wp-admin/customize.php +++ b/wp-admin/customize.php @@ -282,11 +282,13 @@ do_action( 'customize_controls_print_scripts' ); } // Pass to frontend the Customizer construct being deeplinked - if ( isset( $_GET['autofocus'] ) && is_array( $_GET['autofocus'] ) ) { + if ( isset( $_GET['autofocus'] ) ) { $autofocus = wp_unslash( $_GET['autofocus'] ); - foreach ( $autofocus as $type => $id ) { - if ( isset( $settings[ $type . 's' ][ $id ] ) ) { - $settings['autofocus'][ $type ] = $id; + if ( is_array( $autofocus ) ) { + foreach ( $autofocus as $type => $id ) { + if ( isset( $settings[ $type . 's' ][ $id ] ) ) { + $settings['autofocus'][ $type ] = $id; + } } } } diff --git a/wp-includes/version.php b/wp-includes/version.php index 0ea9d79103..2f3ebc9711 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.1-alpha-30163'; +$wp_version = '4.1-alpha-30164'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.