Update/packages 5 8 week1 #1
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
props dd32
props nosolosw
5 tasks
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
… `wp_default_packages_inline_scripts()`. This fixes a "Deprecated: `DateTime::__construct()`: Passing null to parameter #1 (`$datetime`) of type string is deprecated" warning on PHP 8.1. Follow-up to [49083]. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51533 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] In this case, `parse_url()` is called with the `PHP_URL_PATH` as `$component`, but the returned value is subsequently checked against `false`. In other words, this condition would previously always result in `true` and would lead to `null` potentially being passed to the PHP native `pathinfo()` function which expects a string. On PHP 8.1, this would result in a test failure with a `pathinfo(): Passing null to parameter #1 ($path) of type string is deprecated` error. Reference: [https://www.php.net/manual/en/function.pathinfo.php PHP Manual: pathinfo()] Follow-up to [46175]. Props jrf. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51606 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…rse_request()`. As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] In this case, `parse_url()` is called with the `PHP_URL_PATH` as `$component`. This will return `null` in the majority of cases, as – exсept for subdirectory-based sites – `home_url()` returns a URL without the trailing slash, like `http://example.org`. The return value of `parse_url()` was subsequently passed to `trim()`, leading to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1. Fixed by adjusting the logic flow to: * Only pass the return value of `parse_url()` to follow-on functions if it makes sense, i.e. if it isn't `null`, nor an empty string. * Preventing calls to `preg_replace()` and `trim()` further down in the function logic flow, when `preg_replace()`/`trim()` would have nothing to do anyhow. Follow-up to [25617]. Props jrf, hellofromTonya, SergeyBiryukov. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51622 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
This fixes `parse_str(): Passing null to parameter #1 ($string) of type string is deprecated` notices on PHP 8.1, without change in behaviour. Impact: 311 of the pre-existing tests are affected by this issue. The PHP native `parse_str()` function expects a string, however, based on the failing tests, it is clear there are functions in WordPress which passes a non-string – including `null` – value to the `wp_parse_str()` function, which would subsequently pass it onto the PHP native function without further input validation. Most notable offender is the `wp_parse_args()` function which special cases arrays and objects, but passes everything else off to `wp_parse_str()`. Several ways to fix this issue have been explored, including checking the received value with `is_string()` or `is_scalar()` before passing it off to the PHP native `parse_str()` function. In the end it was decided against these in favor of a string cast as: * `is_string()` would significantly change the behavior for anything non-string. * `is_scalar()` up to a point as well, as it does not take objects with a `__toString()` method into account. Executing a string cast on the received value before passing it on maintains the pre-existing behavior while still preventing the deprecation notice coming from PHP 8.1. Reference: [https://www.php.net/manual/en/function.parse-str.php PHP Manual: parse_str()] Follow-up to [5709]. Props jrf, hellofromTonya, lucatume, SergeyBiryukov. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51624 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…ad_url()`. As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] This commit adds three unit tests for `download_url()`: * The first test is "girl-scouting" to make sure that the code up to the point where the error is expected is tested. * The second test exposed a PHP 8.1 `basename(): Passing null to parameter #1 ($path) of type string is deprecated` error due to the call to `parse_url()` returning `null` when the component requested does not exist in the passed URL. * The output of the call to `parse_url()` stored in the `$url_path` variable is used in more places in the function logic. The third test exposes a second PHP 8.1 deprecation notice, this time for `substr(): Passing null to parameter #1 ($string) of type string is deprecated`. This commit also removes duplicate `parse_url()` calls. Neither `$url` nor `$url_filename` are changed between when they are first received/defined and when they are re-used, so there is no need to repeat the function calls. Follow-up to [51606], [51622]. Props jrf, hellofromTonya, SergeyBiryukov. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51626 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…Theme Editor screens. As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] While it is probably unlikely that someone would have a direct link to the plugin/theme editor on their home page or even on someone else's homepage, it is entirely possible for the referrer URL to not have a "path" component. In PHP 8.1, this would lead to a `basename(): Passing null to parameter #1 ($string) of type string is deprecated` notice. Changing the logic around and adding validation for the return type value of `parse_url()` prevents that. Follow-up to [51606], [51622], [51626]. Props jrf, hellofromTonya, SergeyBiryukov. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51629 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…kie_constants()`. As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] It is entirely possible for the `siteurl` option to not have a "path" component. In PHP 8.1, this would lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice. Changing the logic around and adding validation for the return type value of `parse_url()` prevents that. As this function is declaring global constants, adding tests for this change is not really an option without potentially affecting other tests. Follow-up to [51606], [51622], [51626], [51629]. Props jrf, hellofromTonya, SergeyBiryukov. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51630 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…cy_anonymize_ip()`. The `wp_privacy_anonymize_ip()` function expects a string for the `$ip_addr` parameter, but did not do any input validation. One of the pre-existing test cases, passed `null` to the function, leading to a `substr_count(): Passing null to parameter #1 ($haystack) of type string is deprecated` notice on PHP 8.1. Fixed now by doing a cursory check on the variable at the start of the function and bowing out early for a number of cases (`null`, `false`, `0`, `''`) which would all result in the same `0.0.0.0` output anyway. Follow-up [42971]. Props jrf, hellofromTonya. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51793 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…sts()`. The `term_exists()` function expects a string or an integer for the `$term` parameter. It validates for integer, but not for string or `null`. One of the pre-existing test cases, passed `null` to the function, leading to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1. Fixed now by doing a cursory check on the variable at the start of the function and bowing out early in case the `$term` is `null`. The issue was discovered via and is already covered by the `Tests_TermExists::test_term_exists_unknown()` test method. Follow-up to [15220]. [38716]. Props jrf, hellofromTonya. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51796 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…_Query::get_sql_for_clause()`. In the `WP_Meta_Query::get_sql_for_clause()`, the `'value'` index from a meta query array is passed to the PHP native `trim()` function without prior validation. In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice. `trim()` expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace. Fixed now by verifying that the ''value'' is a string before processing it with `trim()`. This issue is already covered by the existing `Tests_Meta_Query::test_null_value_sql()` and the `Tests_Meta_Query::test_convert_null_value_to_empty_string()` tests. Follow-up to [17699], [29887], [29940]. Props jrf, hellofromTonya. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51797 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…tices in `WP_Http::normalize_cookies()`. The `Requests_Cookie` class expects valid - non-`null` - attributes to be passed, either as an array or as a `Requests_Utility_CaseInsensitiveDictionary` object. However, the `WP_Http_Cookie::get_attributes()` explicitly sets the `expires`, `path` and `domain` index keys in an array with values which _may_ be `null`. This will cause `strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated`-like errors when the attributes are passed to the `Requests_Cookie` class. Note: a `null` value for `path` would generate a similar deprecation notice, but for the `preg_match()` function. Fixed by using `array_filter()` on the attributes to explicitly filter out `null` values before passing the attributes to `Requests_Cookie`. Note: I'm choosing to explicitly only filter `null` values. Using `array_filter()` without a callback would filter out all "empty" values, but that may also remove values which are explicitly set to `false` or `0`, which may be valid values. Fixes two errors in the `external-http` group in the WordPress Core test suite: {{{ 1) Tests_HTTP_Functions::test_get_response_cookies_with_wp_http_cookie_object strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated /var/www/src/wp-includes/Requests/Cookie.php:268 /var/www/src/wp-includes/Requests/Cookie.php:237 /var/www/src/wp-includes/Requests/Cookie.php:90 /var/www/src/wp-includes/class-http.php:460 /var/www/src/wp-includes/class-http.php:349 /var/www/src/wp-includes/class-http.php:624 /var/www/src/wp-includes/http.php:162 /var/www/tests/phpunit/tests/http/functions.php:156 2) Tests_HTTP_Functions::test_get_cookie_host_only strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated /var/www/src/wp-includes/Requests/Cookie.php:268 /var/www/src/wp-includes/Requests/Cookie.php:237 /var/www/src/wp-includes/Requests/Cookie.php:90 /var/www/src/wp-includes/class-http.php:460 /var/www/tests/phpunit/tests/http/functions.php:235 }}} Follow-up to [38164], [45135], [51657]. Props jrf, hellofromTonya. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51801 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…tice in `WP_Comment_Query::get_comment_ids()`. The `WP_Comment_Query::get_comment_ids()` method is supposed to handle `null` as a search query, but was throwing a `strlen(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1. Discovered via and already covered via the pre-existing `Tests_Comment_Query::test_search_null_should_be_ignored()` test method. Follow-up to [36345], [48275]. Props jrf, hellofromTonya. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51806 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…de()`.
The shortcode content is expected to be a string, not `null`. `do_shortcode()` expects a string for `$content`.
The `img_caption_shortcode()` also expects a string for the `$content` parameter and is expected to return a string for the HTML content to display the caption.
Prior to this commit:
The default value for the `$content` parameter was set to `null`. If no `$content` was passed, the function:
- could return `null` when the `$atts['width'] < 1` or there was no caption
- else, it invoked `do_shortcode( $content )` passing `null` which on PHP 8.1+ triggers a deprecation notice:
{{{
strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
}}}
This commit:
- Fixes the default `$content` value to align to the expected shortcode content of `string`, not `null`.
- Fixes the PHP 8.1 deprecation notice when `null` was being passed to `do_shortcode()`.
- Changes the assertion in a couple of tests to check for the empty string instead of `null.
Follow-up to [8196], [8925], [8239], [26915], [31530], [42704].
Props jrf, hellofromTonya, azaozz, joedolson.
See #53635.
git-svn-id: https://develop.svn.wordpress.org/trunk@51816 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…o `(get|add|update|delete)_option()`. In all four of the `get_option()`, `add_option()`, `update_option()` and `delete_option()` functions, the `$option` parameter (i.e. the option name) is passed to the PHP native `trim()` function without prior input validation. In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` for each of these functions. `trim()`: - expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace. - will always return a `string`, which means that in practice for any non-string values passed, it would effectively function as a type cast to string. This commit: - Adds a check to verify the `$option` name is a scalar before processing it with `trim()`. - The "type cast" behavior is maintained. - If the given `$option` name is not a scalar, such as `null`, the fix prevents the PHP 8.1 deprecation notice. - Tests are added for valid but undesired option names to safeguard against regressions. This issue is already covered by: - the existing `Tests_Option_Option::test_bad_option_names()` test group. - the new `test_valid_but_undesired_option_names()` tests. Follow-up to [13858], [22633], [23510], [25002], [51817]. Props jrf, hellofromTonya, pbearne. See #53635. git-svn-id: https://develop.svn.wordpress.org/trunk@51818 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 3, 2021
…n for `authorize_application` error message.
If there is no URL query in the `$_GET['redirect_to'], `wp_parse_url()` will return `null`. Passing `null` to `parse_str()` results in a PHP 8.1 deprecation notice
{{{
Deprecated: parse_str(): Passing null to parameter #1 ($string) of type string is deprecated
}}}
This commit:
- Fixes the deprecation notice.
- Skips doing the `parse_str()` when there's no URL query.
- Provides a micro-optimization performance boost.
Follow-up to [49109].
Props jrf, hellofromTonya, BinaryKitten.
See #53635.
git-svn-id: https://develop.svn.wordpress.org/trunk@51829 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Nov 23, 2021
… to `strpos()` in `wp_fix_server_vars()`.
If `SCRIPT_NAME'` does not exist (which can happen in cron jobs), the following happens:
* PHP 8.1+:
* `Warning: Undefined array key "SCRIPT_NAME"`
* `Deprecated: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated`
* PHP 8.0: `Warning: Undefined array key "SCRIPT_NAME"`
* PHP 5.6-7.4: No warning or notice
This commit checks if the key exists before passing it to `strpos()`. This resolves the warning, notice, and future error.
Follow-up to [3034], [3069], [12732].
Props audrasjb, costdev, hellofromTonya, karpstrucking, mcjambi, sergeybiryukov.
Fixes #54142.
git-svn-id: https://develop.svn.wordpress.org/trunk@52144 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Dec 7, 2021
…n `int` or `float`.
For certain images, `wp_exif_frac2dec()` unexpectedly returned a string instead of `int` or `float`. This can occur when an image is missing meta and calls the function with `'0/0'`. For those images, a fatal error was thrown on PHP 8.0+:
{{{
TypeError: round(): Argument #1 ($num) must be of type int|float, string given
}}}
Upon deeper review, inconsistent and unexpected results were returned from different types of input values passed to the function.
Changes are:
* Maintains backwards-compatibility for valid input values.
* Fixes handling of invalid input values by bailing out to return the documented type of `int|float` by returning `0`.
* Improves the fractional conditional check.
* Improves the calculated fraction handling to ensure (a) the numerator and denominator are both numeric and (b) the denominator is not equal to zero.
* Safeguards the behavior via tests for all possible ways code could flow through the function.
* Safeguards the backwards-compatibility of the `wp_read_image_metadata()` by adding some defensive coding around the calls to the `wp_exif_frac2dec()` function.
These changes fix the fatal error and make the function more secure, stable, and predictable while maintaining backwards-compatibility for valid input values.
Follow-up to [6313], [9119], [22319], [28367], [45611], [47287].
Props adamsilverstein, jrf, peterwilsoncc, praem90, stevegs, tobiasbg.
Fixes #54385.
git-svn-id: https://develop.svn.wordpress.org/trunk@52269 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Apr 4, 2022
…mail()`. As per the PHP manual: > If the `component` parameter is omitted, an associative array is returned. > If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned. Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values] In PHP 8.1, if the home URL does not have a "host" component, it would lead to a `substr(): Passing null to parameter #1 ($string) of type string is deprecated` notice. Changing the logic around and adding validation for the return type value of `wp_parse_url()` prevents that. Follow-up to [48601], [51606], [51622], [51626], [51629], [51630]. Props dennisatyoast, jrf. See #54730. git-svn-id: https://develop.svn.wordpress.org/trunk@52799 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Jun 19, 2023
The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array. This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices: * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`: {{{ Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated }}} * One from `trim()` in `wp_authenticate()` itself: {{{ Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated }}} Includes documenting the `$credentials` parameter using hash notation. Follow-up to [6643], [37697]. Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov. Fixes #56850. git-svn-id: https://develop.svn.wordpress.org/trunk@55301 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Jun 19, 2023
…air screen.
The table is no longer created by core as of WordPress 3.0, and support for global terms was removed in WordPress 6.1, so `$wpdb->sitecategories` is unset by default.
This commit resolves a "passing null to non-nullable" deprecation notice on PHP 8.1:
{{{
Deprecated: addcslashes(): Passing null to parameter #1 ($string) of type string is deprecated in wp-includes/class-wpdb.php on line 1804
}}}
The `tables_to_repair` filter is available for plugins to readd the table or include any additional tables to repair.
Follow-up to [14854], [14880], [54240].
Props ipajen, chiragrathod103, SergeyBiryukov.
Fixes #57762.
git-svn-id: https://develop.svn.wordpress.org/trunk@55421 602fd350-edb4-49c9-b593-d223f7449a82
youknowriad
pushed a commit
that referenced
this pull request
Jan 22, 2024
…om next_posts(). The `esc_url()` function expects to a string for `$url` parameter. There is no input validation within that function. The function contains a `ltrim()` which also expects a string. Passing `null` to this parameter results in `Deprecated: ltrim(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1+. Tracing the stack back, a `null` is being passed to it within `next_posts()` when `get_next_posts_page_link()` returns `null` (it can return a string or `null`). On PHP 7.0 to PHP 8.x, an empty string is returned from `esc_url()` when `null` is passed to it. The change in this changeset avoids the deprecation notice by not invoking `esc_url()` when `get_next_posts_page_link()` returns `null` and instead sets the `$output` to an empty string, thus maintain the same behavior as before (minus the deprecation notice). Adds a test to validate an empty string is returned and the absence of the deprecation (when running on PHP 8.1+). Follow-up to [11383], [9632]. Props codersantosh, nihar007, hellofromTonya, mukesh27, oglekler, rajinsharwar. Fixes #59154. git-svn-id: https://develop.svn.wordpress.org/trunk@56740 602fd350-edb4-49c9-b593-d223f7449a82
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.