Make WordPress Core


Ignore:
Timestamp:
08/19/2021 12:43:03 PM (3 years ago)
Author:
SergeyBiryukov
Message:

Media: Check the return type of _get_cron_array() in WP_Media_List_Table::prepare_items().

The following warnings could, in very select circumstances, be shown:

// PHP 8.0 and higher:
Warning: foreach() argument must be of type array|object, bool given

// PHP 5.6 – 7.4
Warning: Invalid argument supplied for foreach()

In WP_Media_List_Table::prepare_items(), the cron info array is retrieved via a call to _get_cron_array(), but as the documentation (correctly) states, the return type of that function is array|false, where false is returned for a virgin site, with no cron jobs scheduled yet.

However, no type check is done on the return value, and the method just blindly continues by using it in a foreach.

Fixed by adding validation for the returned value from _get_cron_array() and only running the foreach when the returned value is an array.

Reference: WordPress Developer Resources: _get_cron_array()

Follow-up to [48417].

Props jrf, hellofromTonya, mukesh27.
Fixes #53949.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-wp-media-list-table.php

    r50804 r51638  
    7979        $not_in = array();
    8080
    81         foreach ( _get_cron_array() as $cron ) {
    82             if ( isset( $cron['upgrader_scheduled_cleanup'] ) ) {
    83                 $details = reset( $cron['upgrader_scheduled_cleanup'] );
    84 
    85                 if ( ! empty( $details['args'][0] ) ) {
    86                     $not_in[] = (int) $details['args'][0];
     81        $crons = _get_cron_array();
     82
     83        if ( is_array( $crons ) ) {
     84            foreach ( $crons as $cron ) {
     85                if ( isset( $cron['upgrader_scheduled_cleanup'] ) ) {
     86                    $details = reset( $cron['upgrader_scheduled_cleanup'] );
     87
     88                    if ( ! empty( $details['args'][0] ) ) {
     89                        $not_in[] = (int) $details['args'][0];
     90                    }
    8791                }
    8892            }
Note: See TracChangeset for help on using the changeset viewer.