diff options
author | Stefan Giehl <stefan@piwik.org> | 2018-10-11 02:00:43 +0300 |
---|---|---|
committer | diosmosis <diosmosis@users.noreply.github.com> | 2018-10-11 02:00:43 +0300 |
commit | eb965d4ff002943ce926c99267511af55dee10cf (patch) | |
tree | 61e3f6607e9f4e4c97621e9220771251f3a3491e /plugins/Annotations | |
parent | 8c07b4d61e662c77f1eb249d22256c5fa98ab496 (diff) |
Implements wrapper method for a more secure unserialize with PHP 7 (#13285)
* Implements wrapper method for a more secure unserialize
* run AllTests on PHP 7
* trigger a debug message if unserialize fails on PHP 7 + tests
* Add string to deserialize to debug log.
Diffstat (limited to 'plugins/Annotations')
-rw-r--r-- | plugins/Annotations/AnnotationList.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/plugins/Annotations/AnnotationList.php b/plugins/Annotations/AnnotationList.php index 823c7bf125..845cbfe9ae 100644 --- a/plugins/Annotations/AnnotationList.php +++ b/plugins/Annotations/AnnotationList.php @@ -9,6 +9,7 @@ namespace Piwik\Plugins\Annotations; use Exception; +use Piwik\Common; use Piwik\Date; use Piwik\Option; use Piwik\Piwik; @@ -330,7 +331,7 @@ class AnnotationList $serialized = Option::get($optionName); if ($serialized !== false) { - $result[$id] = @unserialize($serialized); + $result[$id] = Common::safe_unserialize($serialized); if (empty($result[$id])) { // in case unserialize failed $result[$id] = array(); |