Make WordPress Core

Changeset 54482


Ignore:
Timestamp:
10/11/2022 03:05:29 PM (2 years ago)
Author:
audrasjb
Message:

Networks and Sites: Ensure fileupload_maxk is an int to avoid potential fatal errors.

This changeset fixes a potential fatal error, for example when "Max upload file size" setting is set to an empty value. It also adds unit tests for upload_size_limit_filter.

Props mjkhajeh, bhrugesh12, SergeyBiryukov, kebbet, audrasjb, felipeelia.
Fixes #55926.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/formatting.php

    r54474 r54482  
    47724772        case 'start_of_week':
    47734773        case 'site_icon':
     4774        case 'fileupload_maxk':
    47744775            $value = absint( $value );
    47754776            break;
  • trunk/src/wp-includes/ms-functions.php

    r54240 r54482  
    26162616 */
    26172617function upload_size_limit_filter( $size ) {
    2618     $fileupload_maxk = KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 );
     2618    $fileupload_maxk         = (int) get_site_option( 'fileupload_maxk', 1500 );
     2619    $max_fileupload_in_bytes = KB_IN_BYTES * $fileupload_maxk;
     2620
    26192621    if ( get_site_option( 'upload_space_check_disabled' ) ) {
    2620         return min( $size, $fileupload_maxk );
    2621     }
    2622 
    2623     return min( $size, $fileupload_maxk, get_upload_space_available() );
     2622        return min( $size, $max_fileupload_in_bytes );
     2623    }
     2624
     2625    return min( $size, $max_fileupload_in_bytes, get_upload_space_available() );
    26242626}
    26252627
  • trunk/tests/phpunit/tests/multisite/network.php

    r54402 r54482  
    397397
    398398        /**
     399         * Test the default behavior of upload_size_limit_filter.
     400         * If any default option is changed, the function returns the min value between the
     401         * parameter passed and the `fileupload_maxk` site option (1500Kb by default)
     402         *
     403         * @ticket 55926
     404         */
     405        public function test_upload_size_limit_filter() {
     406            $return = upload_size_limit_filter( 1499 * KB_IN_BYTES );
     407            $this->assertSame( 1499 * KB_IN_BYTES, $return );
     408            $return = upload_size_limit_filter( 1501 * KB_IN_BYTES );
     409            $this->assertSame( 1500 * KB_IN_BYTES, $return );
     410        }
     411
     412        /**
     413         * Test if upload_size_limit_filter behaves as expected when the `fileupload_maxk` is 0 or an empty string.
     414         *
     415         * @ticket 55926
     416         * @dataProvider data_upload_size_limit_filter_empty_fileupload_maxk
     417         */
     418        public function test_upload_size_limit_filter_empty_fileupload_maxk( $callable_set_fileupload_maxk ) {
     419            add_filter( 'site_option_fileupload_maxk', $callable_set_fileupload_maxk );
     420            $return = upload_size_limit_filter( 1500 );
     421            $this->assertSame( 0, $return );
     422        }
     423
     424        /**
     425         * @ticket 55926
     426         */
     427        public function data_upload_size_limit_filter_empty_fileupload_maxk() {
     428            return array(
     429                array( '__return_zero' ),
     430                array( '__return_empty_string' ),
     431            );
     432        }
     433
     434        /**
     435         * When upload_space_check is enabled, the space allowed is also considered by `upload_size_limit_filter`.
     436         *
     437         * @ticket 55926
     438         */
     439        public function test_upload_size_limit_filter_when_upload_space_check_enabled() {
     440            add_filter( 'get_space_allowed', '__return_zero' );
     441            add_filter( 'site_option_upload_space_check_disabled', '__return_false' );
     442            $return = upload_size_limit_filter( 100 );
     443            $this->assertSame( 0, $return );
     444        }
     445
     446        /**
    399447         * @ticket 40489
    400448         * @dataProvider data_wp_is_large_network
Note: See TracChangeset for help on using the changeset viewer.