File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -463,12 +463,23 @@ public function applyMutation($mutations, $value)
463463 }
464464
465465 // Define the allowed mutations.
466- // Array value contains the arguments to pass to the function.
466+ // Array value contains the arguments to pass to the function as well as expected type .
467467 $ allowed
468- 'json_encode ' => [],
469- 'json_decode ' => [true ],
470- 'base64_decode ' => [],
471- 'intval ' => []
468+ 'json_encode ' => [
469+ 'args ' => []
470+ ],
471+ 'json_decode ' => [
472+ 'args ' => [true ],
473+ 'type ' => 'is_string '
474+ ],
475+ 'base64_decode ' => [
476+ 'args ' => [],
477+ 'type ' => 'is_string '
478+ ],
479+ 'intval ' => [
480+ 'args ' => [],
481+ 'type ' => 'is_scalar '
482+ ]
472483 ];
473484
474485 // If it's not a whitelisted mutation, reject and return original value.
@@ -481,7 +492,18 @@ public function applyMutation($mutations, $value)
481492 // Apply the mutations in ascending order.
482493 try {
483494 foreach ($ mutationsas $ mutation
484- $ value$ mutation$ value$ allowed$ mutation
495+ // In order to avoid errors if the wrong type of value is passed to the function.
496+ if (isset ($ allowed$ mutation'type ' ]) && !call_user_func ($ allowed$ mutation'type ' ], $ value
497+ continue ;
498+ }
499+
500+ // Call the function with given arguments.
501+ $ valuecall_user_func_array ($ mutationarray_merge ([$ value$ allowed$ mutation'args ' ]));
502+
503+ // No need to continue in these scenarios.
504+ if (is_null ($ value$ valuefalse || $ value0 ) {
505+ return $ value
506+ }
485507 }
486508 } catch (\Exception $ e
487509 return $ value
You can’t perform that action at this time.
0 commit comments