Formatting: Avoid escaping valid XML values in esc_xml().

This change improves the `esc_xml()` function by replacing two `empty()` checks with `isset()` to cover values that are not equal to `''` but still returning `true` when checked with `empty()`, like `'0'`, `0` or `false`. It also updates the related unit tests accordingly. Props rumpel2116, pbiron. Fixes #55399. git-svn-id: https://develop.svn.wordpress.org/trunk@53144 602fd350-edb4-49c9-b593-d223f7449a82
2025-01-18 05:18:42 +01:00 · 2022-04-11 19:58:04 +00:00 · 2022-04-11 19:58:04 +00:00 · 4ee40e3ff1
commit 4ee40e3ff1
parent 0453d1bc0d
2 changed files with 7 additions and 2 deletions
--- a/src/wp-includes/formatting.php
+++ b/src/wp-includes/formatting.php
@ -4639,11 +4639,11 @@ EOF;
 	$safe_text = (string) preg_replace_callback(
 		$regex,
 		static function( $matches ) {
-			if ( ! $matches[0] ) {
+			if ( ! isset( $matches[0] ) ) {
 				return '';
 			}

-			if ( ! empty( $matches['non_cdata'] ) ) {
+			if ( isset( $matches['non_cdata'] ) ) {
 				// escape HTML entities in the non-CDATA Section.
 				return _wp_specialchars( $matches['non_cdata'], ENT_XML1 );
 			}
--- a/tests/phpunit/tests/formatting/escXml.php
+++ b/tests/phpunit/tests/formatting/escXml.php
@ -42,6 +42,11 @@ class Tests_Formatting_EscXml extends WP_UnitTestCase {
 				"SELECT meta_key, meta_value FROM wp_trunk_sitemeta WHERE meta_key IN ('site_name', 'siteurl', 'active_sitewide_plugins', '_site_transient_timeout_theme_roots', '_site_transient_theme_roots', 'site_admins', 'can_compress_scripts', 'global_terms_enabled') AND site_id = 1",
 				'SELECT meta_key, meta_value FROM wp_trunk_sitemeta WHERE meta_key IN (&apos;site_name&apos;, &apos;siteurl&apos;, &apos;active_sitewide_plugins&apos;, &apos;_site_transient_timeout_theme_roots&apos;, &apos;_site_transient_theme_roots&apos;, &apos;site_admins&apos;, &apos;can_compress_scripts&apos;, &apos;global_terms_enabled&apos;) AND site_id = 1',
 			),
+			// Zero string.
+			array(
+				'0',
+				'0',
+			),
 		);
 	}