Last active
January 17, 2023 15:32
-
-
Save ridinghoodmedia/181b0591ba68f62f9c13df60c0bf2688 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * file: wp-content/plugins/gravityforms/includes/query/class-gf-query.php | |
| * lines: 331 - 333 | |
| * Line 331: Here is where the bug starts, $value = [1, 2, 3], input type = 'number', and condition = 'in'. Despite $value being | |
| * an array, the conditions pass. | |
| * Line 332: The array is not numeric, so the condition passes | |
| * Line 333: The value is converted to a float (1.0) so the filter doesn't work | |
| */ | |
| if ( $field && $operator != GF_Query_Condition::LIKE && ( $field->get_input_type() == 'number' || rgar( $filter, 'is_numeric' ) ) ) { | |
| if ( ! is_numeric( $value ) ) { | |
| $value = floatval( $value ); | |
| ... | |
| // This is line 343, this never gets the chance to execute, but it should | |
| if ( is_array( $value ) ) { | |
| /** | |
| * file: my-code.php | |
| * | |
| * I don't think this is relevant, but this code is included in a GravityViews filter, which hooks into a gforms filter | |
| * executed in the file above (class-gf-query.php). | |
| */ | |
| ... | |
| $criteria['search_criteria']['field_filters'][] = ['key' => 1, 'operator' => 'in', 'value' => array(1, 2, 3)]; | |
| ... | |
| return $criteria; | |
| ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment