Merge pull request #20993 from woocommerce/fix/20959

Replaced wc_clean with a check for valid UTF-8 for line items and password.
Claudiu Lodromanean 2018-08-22 10:12:48 -07:00 committed by GitHub
commit fe69a875e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 7 additions and 4 deletions


@ -208,7 +208,7 @@ function wc_save_order_items( $order_id, $items ) {
$item_data = array();
foreach ( $data_keys as $key => $default ) {
$item_data[ $key ] = isset( $items[ $key ][ $item_id ] ) ? wc_clean( wp_unslash( $items[ $key ][ $item_id ] ) ) : $default;
$item_data[ $key ] = isset( $items[ $key ][ $item_id ] ) ? wp_check_invalid_utf8( wp_unslash( $items[ $key ][ $item_id ] ) ) : $default;
}
if ( '0' === $item_data['order_item_qty'] ) {
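Review bot: The switch from `wc_clean()` to `wp_check_invalid_utf8()` on the `$item_data[ $key ]` line applies to every key in `$data_keys`, not only the item name, and the new function neither strips markup nor recurses into arrays; it casts its argument to a string. The `$data_keys` definition is outside this hunk, so confirm whether any key carries an array or is expected to stay plain text, because such values are now flattened or stored with tags intact. Limiting the relaxed handling to the name keeps the old behaviour for the rest: `$raw = wp_unslash( $items[ $key ][ $item_id ] );` then `$item_data[ $key ] = 'order_item_name' === $key ? wp_check_invalid_utf8( $raw ) : wc_clean( $raw );` (name key assumed; only `order_item_qty` is visible here). The body of `wc_save_order_items()` continues past the hunk.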


@ -419,7 +419,7 @@ class WC_REST_Customers_V1_Controller extends WC_REST_Controller {
// Customer password.
if ( isset( $request['password'] ) ) {
$customer->set_password( wc_clean( $request['password'] ) );
$customer->set_password( $request['password'] );
}
$this->update_customer_meta_fields( $customer, $request );
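Review bot: Nothing on the new `set_password( $request['password'] )` line records that dropping the sanitiser is deliberate, and the commit description mentions a UTF-8 check for the password while no password path on this page calls `wp_check_invalid_utf8()`. The same applies to the `case 'password':` branch in `WC_Checkout` and to `WC_Customer::set_password()`. Passing the secret through unchanged is the sound choice, since `wc_clean()` rewrites characters and `wp_check_invalid_utf8()` returns an empty string for invalid input by default, but a later cleanup could easily put a filter back. A short comment would pin the intent: `// Intentionally unsanitized: filtering would change the secret. Never echo or log this value.` The surrounding method starts and ends outside the hunk.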


@ -623,6 +623,9 @@ class WC_Checkout {
case 'textarea':
$value = isset( $_POST[ $key ] ) ? wc_sanitize_textarea( wp_unslash( $_POST[ $key ] ) ) : ''; // WPCS: input var ok, CSRF ok.
break;
case 'password':
$value = isset( $_POST[ $key ] ) ? wp_unslash( $_POST[ $key ] ) : ''; // WPCS: input var ok, CSRF ok, sanitization ok.
break;
default:
$value = isset( $_POST[ $key ] ) ? wc_clean( wp_unslash( $_POST[ $key ] ) ) : ''; // WPCS: input var ok, CSRF ok.
break;
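Review bot: The new `case 'password':` branch passes `$_POST[ $key ]` on without confirming it is a string, so a request that submits the field as an array leaves `$value` as an array. Whether later validation rejects that is not visible in this hunk. A guard keeps the raw secret and drops anything else: `$value = isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ? wp_unslash( $_POST[ $key ] ) : '';`. The enclosing `switch` begins and ends outside the hunk.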


@ -294,7 +294,7 @@ class WC_Customer extends WC_Legacy_Customer {
* @param string $password Password.
*/
public function set_password( $password ) {
$this->password = wc_clean( $password );
$this->password = $password;
}
/**


@ -186,7 +186,7 @@ class WC_Order_Item extends WC_Data implements ArrayAccess {
* @param string $value Item name.
*/
public function set_name( $value ) {
$this->set_prop( 'name', wc_clean( $value ) );
$this->set_prop( 'name', wp_check_invalid_utf8( $value ) );
}
/*
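Review bot: `set_name()` now stores whatever markup the caller passes, because `wp_check_invalid_utf8()` only validates the encoding and does not strip tags the way `wc_clean()` did. Every place that prints the item name therefore has to escape it, and the docblock should say so, for example `@param string $value Item name. Stored without tag stripping; escape on output.` With its default arguments the function also returns an empty string for invalid UTF-8, so a badly encoded name is silently blanked rather than rejected. Only the end of the docblock is visible in this hunk.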