Opened 9 years ago
Last modified 5 years ago
#35274 new enhancement
Break-out conditional in allow_subdomain_install()
Reported by: | stevegrunwell | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Networks and Sites | Keywords: | has-patch has-unit-tests |
Focuses: | multisite | Cc: |
Description
Attached patch expands the conditional within allow_subdomain_install()
with better inline documentation, replaces the IP address regex with filter_var( $var, FILTER_VALIDATE_IP )
([supported in PHP 5.2.0+), and adds unit tests.
This came about while working on a refresh for #22330, trying to add missing unit tests along the way, and includes one of the regex changes from @nacin's patch.
Attachments (2)
Change History (6)
@
9 years ago
Updated diff that restores the original regex for IP addresses rather than using filter_var()
#3
@
9 years ago
Fair point, patch has been updated to use the current regex pattern.
As far as core never using filter_var()
that's technically true, but I did find one instance in wp-includes/class-phpmailer.php (which is why I was like "okay, cool, let's use filter_var()
"). I've yet to come across a system with the filters disabled, but that doesn't mean they're not out there :)
We have never used
filter_var()
in core. Filter is enabled by default, but it can be disabled. I would estimate that this would be a minuscule number of sites, but even 0.1% is still tens of thousands of sites that would see a fatal error unexpectedly. Granted, very few would be trying to create a network, but I'd expect at least one bug report citing it upon release.While someone is unlikely to deliberately disable ext/filter, it's actually not terribly uncommon to use the flag
--disable-all
and then add back what you need -- and sometimes an important one is missed.