Sanitize only string and numeric fields in the user object. Props filosofo hakre. fixes #11509 for trunk

git-svn-id: http://svn.automattic.com/wordpress/trunk@12511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-12-23 15:02:06 +00:00
parent 36d9a3677e
commit ca9d676eef
1 changed files with 3 additions and 4 deletions

View File

@ -638,9 +638,8 @@ function sanitize_user_object($user, $context = 'display') {
else
$vars = get_object_vars($user);
foreach ( array_keys($vars) as $field ) {
if ( is_array($user->$field) )
continue;
$user->$field = sanitize_user_field($field, $user->$field, $user->ID, $context);
if ( is_string($user->$field) || is_numeric($user->$field) )
$user->$field = sanitize_user_field($field, $user->$field, $user->ID, $context);
}
$user->filter = $context;
} else {
@ -689,7 +688,7 @@ function sanitize_user_field($field, $value, $user_id, $context) {
if ( 'raw' == $context )
return $value;
if ( is_array($value) )
if ( !is_string($value) && !is_numeric($value) )
return $value;
$prefixed = false;