WordPress.org

Make WordPress Core

Changeset 52294


Ignore:
Timestamp:
11/30/2021 09:00:32 PM (8 weeks ago)
Author:
SergeyBiryukov
Message:

Options, Meta APIs: Improve error handling in sanitize_option().

To prevent potential false negatives, set $error to null initially, so we can better tell if it was ever changed during the sanitization and be able to better react if an empty string is added to it.

Additionally, and mainly for the sake of the Settings API at this point, add error messages to some WP_Error objects returned from wpdb methods that were previously causing the issues here.

Follow-up to [32791].

Props iCaleb, audrasjb, hellofromTonya, SergeyBiryukov.
Fixes #53986.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/formatting.php

    r52292 r52294  
    47124712
    47134713    $original_value = $value;
    4714     $error          = '';
     4714    $error          = null;
    47154715
    47164716    switch ( $option ) {
     
    49204920            }
    49214921
    4922             if ( 'permalink_structure' === $option && '' !== $value && ! preg_match( '/%[^\/%]+%/', $value ) ) {
     4922            if ( 'permalink_structure' === $option && null === $error
     4923                && '' !== $value && ! preg_match( '/%[^\/%]+%/', $value )
     4924            ) {
    49234925                $error = sprintf(
    49244926                    /* translators: %s: Documentation URL. */
     
    49494951    }
    49504952
    4951     if ( ! empty( $error ) ) {
     4953    if ( null !== $error ) {
     4954        if ( '' === $error && is_wp_error( $value ) ) {
     4955            /* translators: 1: Option name, 2: Error code. */
     4956            $error = sprintf( __( 'Could not sanitize the %1$s option. Error code: %2$s' ), $option, $value->get_error_code() );
     4957        }
     4958
    49524959        $value = get_option( $option );
    49534960        if ( function_exists( 'add_settings_error' ) ) {
  • trunk/src/wp-includes/wp-db.php

    r52218 r52294  
    28862886        $results     = $this->get_results( "SHOW FULL COLUMNS FROM $table" );
    28872887        if ( ! $results ) {
    2888             return new WP_Error( 'wpdb_get_table_charset_failure' );
     2888            return new WP_Error( 'wpdb_get_table_charset_failure', __( 'Could not retrieve table charset.' ) );
    28892889        }
    28902890
     
    33283328            $row                       = $this->get_row( 'SELECT ' . implode( ', ', $sql ), ARRAY_A );
    33293329            if ( ! $row ) {
    3330                 return new WP_Error( 'wpdb_strip_invalid_text_failure' );
     3330                return new WP_Error( 'wpdb_strip_invalid_text_failure', __( 'Could not strip invalid text.' ) );
    33313331            }
    33323332
  • trunk/tests/phpunit/tests/option/sanitize-option.php

    r48937 r52294  
    156156            array( '/%year%/%monthnum%/%day%/%postname%/', '/%year%/%monthnum%/%day%/%postname%/', true ),
    157157            array( '/%year/%postname%/', '/%year/%postname%/', true ),
     158            array( new WP_Error( 'wpdb_get_table_charset_failure' ), false, false ), // ticket 53986
    158159        );
    159160    }
Note: See TracChangeset for help on using the changeset viewer.