Changeset 58813 for trunk/src/wp-includes/update.php

Timestamp:

07/27/2024 12:25:44 AM (22 months ago)

Author:

peterwilsoncc

Message:

General: Introduce wp_get_wp_version() to get unmodified version.

Introduces wp_get_wp_version() to get an unmodified value of $wp_version from wp-includes/version.php. Some plugins modify the global in an attempt to improve security through obscurity. This practice can cause errors in WordPress so the ability to get an unmodified version is needed.

Replaces instances within the code base in which version.php was required in order to get an unmodified value. script-loader.php is intentionally excluded from the replacements as the function is not always available to the file.

Props debarghyabanerjee, afragen, costdev.
See #61627.

File:

• trunk/src/wp-includes/update.php (modified) (11 diffs)

trunk/src/wp-includes/update.php

@@ -32 +32 @@
     }
 
-    // Include an unmodified $wp_version.
-    require ABSPATH . WPINC . '/version.php';
     $php_version = PHP_VERSION;
 
@@ -40 +38 @@
 
     // Invalidate the transient when $wp_version changes.
-    if ( is_object( $current ) && $wp_version !== $current->version_checked ) {
+    if ( is_object( $current ) && wp_get_wp_version() !== $current->version_checked ) {
         $current = false;
     }
@@ -47 +45 @@
         $current                  = new stdClass();
         $current->updates         = array();
-        $current->version_checked = $wp_version;
+        $current->version_checked = wp_get_wp_version();
     }
 
@@ -96 +94 @@
     sort( $extensions, SORT_STRING | SORT_FLAG_CASE );
     $query = array(
-        'version'            => $wp_version,
+        'version'            => wp_get_wp_version(),
         'php'                => $php_version,
         'locale'             => $locale,
@@ -192 +190 @@
     $options = array(
         'timeout'    => $doing_cron ? 30 : 3,
-        'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
+        'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
         'headers'    => array(
             'wp_install' => $wp_install,
@@ -267 +265 @@
     $updates->updates         = $offers;
     $updates->last_checked    = time();
-    $updates->version_checked = $wp_version;
+    $updates->version_checked = wp_get_wp_version();
 
     if ( isset( $body['translations'] ) ) {
@@ -315 +313 @@
         return;
     }
-
-    // Include an unmodified $wp_version.
-    require ABSPATH . WPINC . '/version.php';
 
     // If running blog-side, bail unless we've not checked in the last 12 hours.
@@ -424 +419 @@
             'all'          => wp_json_encode( true ),
         ),
-        'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
+        'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
     );
 
@@ -591 +586 @@
     }
 
-    // Include an unmodified $wp_version.
-    require ABSPATH . WPINC . '/version.php';
-
     $installed_themes = wp_get_themes();
     $translations     = wp_get_installed_translations( 'themes' );
@@ -706 +698 @@
             'locale'       => wp_json_encode( $locales ),
         ),
-        'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
+        'user-agent' => 'WordPress/' . wp_get_wp_version() . '; ' . home_url( '/' ),
     );
 
@@ -990 +982 @@
  */
 function _maybe_update_core() {
-    // Include an unmodified $wp_version.
-    require ABSPATH . WPINC . '/version.php';
-
     $current = get_site_transient( 'update_core' );
 
     if ( isset( $current->last_checked, $current->version_checked )
         && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked )
-        && $current->version_checked === $wp_version
+        && wp_get_wp_version() === $current->version_checked
     ) {
         return;