When inserting a new set of API keys via the visual API endpoint, only 5 format
values were specified in the 3rd param passed to the $wpdb->insert(); however,
6 values were specified in the 2nd param. This meant that the truncted_key value
was being formatted as an integer only the first numerical characters of the last
7 character of the consumer key were being stored. For example, given a consumer
key value of ck_e91f2aeae6c3dea3045293a3dbdf55c317ad762c the truncated_key value
should be 7ad762c but instead, it was being stored at 7.
Sanitize early, escape late. Rather than double escaping, I figured
it’d be better to sprintf it in, and then escape that string — closer
to the output.
Also, I’m not sure why `urlencode` was used to escape a name?
There’s a lot of them, so I’m breaking them into multiple commits.
This is safeguarding stuff in case some translation uses a double
quote, it will no longer risk breaking out of the attribute.
array_filter() expects parameter 1 to be array, boolean given
/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-duplicate-
product.php(171)
$exclude is evaluated as a boolean.
WooCommerce prior to WC 2.4 saved the product type before any variations were saved because
WC_Meta_Box_Product_Data::save_variations() was called by WC_Meta_Box_Product_Data::save().
However, in WC 2.4 the variations are saved independently of other data about the containing
variable product, including product type. Because the product type hasn't been saved yet,
extensions that need to save their own variation level meta data can't know when saving
variations if the product is of the type they want to act on. They also can't check `$_POST`
to find out when saving variations, because 'product-type' isn't passed to that as it's
variable level meta data, not variation level meta data.
This patch passes the product type along with the variation level meta data when saving variations.
It then uses that to save the product type if the variable product has not yet been saved (and
therefore the product type has never been stored, which means calling get_product() would instantiate
a 'simple' product, as that is the default product type). This can lead to fatal errors if callbacks
expect the product type to be variable and attempt to call methods that only exist on those product
types, like variable_product_sync().
It will also update the product type if it was previously saved but has since changed. This prevents
fatal errors like that mentioned above but caused by switching from one product type, like a simple
product, to another, like a variable product.
Claudio Sanches
Mike Jolley
Brent Shepherd
Shiva Poudel
George Stephanis
Nicola Mustone
Nicola Mustone
toddlahman
Fredrik Rossland
JeroenSormani
nils-fredrik@maksimer.no