my special case:
lately i tried to store an array containing a bool among several values using function update_user_meta().
the array was serialized and stored as string, but before that the boolean value always got converted to a string "1".
several hours of debuging wp core code i found out that update_user_meta uses stripslashes_deep() in file wp-includes/formatting.php, which uses php function stripslashes recursively on all array (and object) elements.
the problem here is that php function stripslashes() returns a string for every type which is given to it. hence a bool true becomes a string "1". and that is totally against what i expected from function update_user_meta().
the wordpress documentation does mention the usage of php function stripslashes() on the page for stripslashes_deep(), but mentions nothing of type conversion or usage of either of the stripping functions on the page for update_user_meta().
and anyways: this is totally counter intuitive and imo malicious.
i hacked stripslashes_deep() so it does conversions just on strings, from
function stripslashes_deep($value) {
if ( is_array($value) ) {
$value = array_map('stripslashes_deep', $value);
} elseif ( is_object($value) ) {
$vars = get_object_vars( $value );
foreach ($vars as $key=>$data) {
$value->{$key} = stripslashes_deep( $data );
}
} else{
$value = stripslashes($value);
}
return $value;
}to
function stripslashes_deep($value) {
if ( is_array($value) ) {
$value = array_map('stripslashes_deep', $value);
} elseif ( is_object($value) ) {
$vars = get_object_vars( $value );
foreach ($vars as $key=>$data) {
$value->{$key} = stripslashes_deep( $data );
}
} elseif(is_string($value)) {
$value = stripslashes($value);
}
return $value;
}what is your opinion on this?
