Make WordPress Core


Ignore:
Timestamp:
10/24/2022 02:47:10 PM (2 years ago)
Author:
SergeyBiryukov
Message:

KSES: Display a notice if any of the required globals are not set.

When using the CUSTOM_TAGS constant, these global variables should be set to arrays:

  • $allowedposttags
  • $allowedtags
  • $allowedentitynames
  • $allowedxmlentitynames

This commit aims to improve developer experience by displaying a more helpful message to explain a PHP fatal error further in the code if any of these globals are either not set or not an array.

Note Using CUSTOM_TAGS is not recommended and should be considered deprecated. The wp_kses_allowed_html filter is more powerful and supplies context.

Follow-up to [832], [834], [2896], [13358], [21796], [28845], [43016], [48072].

Props doctorlai, pento, KnowingArt_com, bosconiandynamics, TJNowell, ironprogrammer, audrasjb, mukesh27, SergeyBiryukov.
Fixes #47357.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/kses.php

    r54181 r54672  
    3636 * Using `CUSTOM_TAGS` is not recommended and should be considered deprecated. The
    3737 * {@see 'wp_kses_allowed_html'} filter is more powerful and supplies context.
     38 *
     39 * When using this constant, make sure to set all of these globals to arrays:
     40 *
     41 *  - `$allowedposttags`
     42 *  - `$allowedtags`
     43 *  - `$allowedentitynames`
     44 *  - `$allowedxmlentitynames`
    3845 *
    3946 * @see wp_kses_allowed_html()
     
    686693    $allowedposttags = array_map( '_wp_add_global_attributes', $allowedposttags );
    687694} else {
     695    $required_kses_globals = array(
     696        'allowedposttags',
     697        'allowedtags',
     698        'allowedentitynames',
     699        'allowedxmlentitynames',
     700    );
     701    $missing_kses_globals  = array();
     702
     703    foreach ( $required_kses_globals as $global_name ) {
     704        if ( ! isset( $GLOBALS[ $global_name ] ) || ! is_array( $GLOBALS[ $global_name ] ) ) {
     705            $missing_kses_globals[] = '<code>$' . $global_name . '</code>';
     706        }
     707    }
     708
     709    if ( $missing_kses_globals ) {
     710        _doing_it_wrong(
     711            'wp_kses_allowed_html',
     712            sprintf(
     713                /* translators: 1: CUSTOM_TAGS, 2: Global variable names. */
     714                __( 'When using the %1$s constant, make sure to set these globals to an array: %2$s.' ),
     715                '<code>CUSTOM_TAGS</code>',
     716                implode( ', ', $missing_kses_globals )
     717            ),
     718            '6.2.0'
     719        );
     720    }
     721
    688722    $allowedtags     = wp_kses_array_lc( $allowedtags );
    689723    $allowedposttags = wp_kses_array_lc( $allowedposttags );
Note: See TracChangeset for help on using the changeset viewer.