WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 5 months ago

#16683 closed defect (bug) (invalid)

Nonce failure error message causes a warning, and also ugly error.

Reported by: dd32 Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.1
Component: Administration Keywords: has-patch
Focuses: Cc:

Description

( ! ) Notice: Undefined offset: 4 in C:\www\wordpress-commit\wp-includes\functions.php on line 2624
Call Stack
#	Time	Memory	Function	Location
1	0.1991	455408	{main}( )	..\options-permalink.php:0
2	15.8632	23506944	check_admin_referer( )	..\options-permalink.php:69
3	15.8637	23507168	wp_nonce_ays( )	..\pluggable.php:839
4	15.8638	23507240	wp_explain_nonce( )	..\functions.php:2657


Your attempt to change your permalink structure to: has failed.

I left the permalink page open for a few hours, and just went to update it. Upon clicking update, I was given the above error (see attached jpeg). It feels pretty clunky and average to have a simple text like that.

The warning looks to be caused by the nonce error not being set possibly..

Attachments (4)

Untitled.png (40.4 KB) - added by dd32 3 years ago.
16683.diff (1.1 KB) - added by solarissmoke 3 years ago.
16683.2.diff (1.5 KB) - added by garyc40 3 years ago.
fix notice
16683.2.2.diff (1.5 KB) - added by garyc40 3 years ago.
fix notice

Download all attachments as: .zip

Change History (8)

dd323 years ago

comment:1 dd323 years ago

The test was of SVN @ 3.1 release revision.

solarissmoke3 years ago

comment:2 solarissmoke3 years ago

  • Keywords has-patch added; needs-patch removed

It's because $trans['update']['permalink'] was expecting the permalink structure that was requested to be supplied in the _extra part of the nonce action - which is wrong as that is not a fixed ID.

As for clunky/average - all the messages in wp_explain_nonce are like that. I feel certain there is a ticket out there proposing an overhaul of the nonce/AYS business?

Version 0, edited 3 years ago by solarissmoke (next)

garyc403 years ago

fix notice

garyc403 years ago

fix notice

comment:3 garyc403 years ago

solarissmoke's patch doesn't address the root of the problem.

wp_explain_nonce assumes that all nonce action has an _extra part.

Reproducing this issue is easier if you add $result = false; after line 837 in check_admin_referer().

See 16683.2.2.diff .

Please ignore 16683.2.diff or delete it, there's a typo.

comment:4 dd325 months ago

  • Milestone Future Release deleted
  • Resolution set to invalid
  • Status changed from new to closed

wp_explain_nonce() is no more.

Note: See TracTickets for help on using tickets.