Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#42401 closed defect (bug) (fixed)

Typechecker problem in wp-db.php

Reported by: mkomar's profile mkomar Owned by: pento's profile pento
Milestone: 4.9 Priority: normal
Severity: normal Version: 4.8.3
Component: Database Keywords: has-patch dev-reviewed commit fixed-major
Focuses: Cc:

Description

Argument 3 to hash_hmac() must be of type ?string, int given in /xxx/wp-includes/wp-db.php on line 1969

Attachments (1)

wp-db.diff (613 bytes) - added by mkomar 7 years ago.
patch to resolve the problem.

Download all attachments as: .zip

Change History (22)

@mkomar
7 years ago

patch to resolve the problem.

#1 @SergeyBiryukov
7 years ago

  • Component changed from General to Database

#2 @pento
7 years ago

  • Keywords has-patch dev-feedback added
  • Milestone changed from Awaiting Review to 4.9

Thanks for the patch, @mkomar! Looks good to me, can another committer sign off, please?

Milestoning this for 4.9, it will also need to be back ported back to 3.7.

#3 @peterwilsoncc
7 years ago

  • Keywords dev-reviewed commit added; dev-feedback removed
  • Owner set to pento
  • Status changed from new to assigned

Checked with patch applied.

  • db tests still pass
  • tested with the following in wp shell
vagrant@vvv:~/www/wordpress-develop/public_html$ wp shell
wp> echo esc_sql( 'my_%s_is_here' )
my_{1ee1e59bb60fe439935c62feaddc27663f7f4c28c259b77396a66862bf7ce08b}s_is_here
wp> exit
vagrant@vvv:~/www/wordpress-develop/public_html$ wp shell
wp> echo esc_sql( 'my_%s_is_here' )
my_{ef1631a8a1c700ba5a1eb3f7e60974329c42910a031432de15ab4ab1378ef1af}s_is_here
wp> exit

#4 @peterwilsoncc
7 years ago

For clarity: above was with AUTH_SALT undefined.

This ticket was mentioned in Slack in #core by jeffpaul. View the logs.


7 years ago

This ticket was mentioned in Slack in #core by jeffpaul. View the logs.


7 years ago

This ticket was mentioned in Slack in #core by westonruter. View the logs.


7 years ago

#8 @pento
7 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 42119:

WPDB: Fix a PHP notice when AUTH_SALT is undefined.

In wpdb::placeholder_escape(), the key for hash_hmac() falls back to rand() when AUTH_SALT is undefined. hash_hmac() requires the key to be a string, however, so we need to cast it as such.

Props mkomar.
Fixes #42401.

#9 @pento
7 years ago

  • Keywords fixed-major added
  • Resolution fixed deleted
  • Status changed from closed to reopened

Re-opening for backporting to the 3.7-4.8 branches.

#10 @dd32
7 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 42230:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.8 branch.
Fixes #42431 and #42401 for 4.8.

#11 @dd32
7 years ago

In 42231:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.7 branch.
Fixes #42431 and #42401 for 4.7.

#12 @dd32
7 years ago

In 42232:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.6 branch.
Fixes #42431 and #42401 for 4.6.

#13 @dd32
7 years ago

In 42233:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.5 branch.
Fixes #42431 and #42401 for 4.5.

#14 @dd32
7 years ago

In 42234:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.4 branch.
Fixes #42431 and #42401 for 4.4.

#15 @dd32
7 years ago

In 42235:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.3 branch.
Fixes #42431 and #42401 for 4.3.

#16 @dd32
7 years ago

In 42236:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.2 branch.
Fixes #42431 and #42401 for 4.2.

#17 @dd32
7 years ago

In 42237:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.1 branch.
Fixes #42431 and #42401 for 4.1.

#18 @dd32
7 years ago

In 42238:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.0 branch.
Fixes #42431 and #42401 for 4.0.

#19 @dd32
7 years ago

In 42239:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 3.9 branch.
Fixes #42431 and #42401 for 3.9.

#20 @dd32
7 years ago

In 42240:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 3.8 branch.
Fixes #42431 and #42401 for 3.8.

#21 @dd32
7 years ago

In 42241:

WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.

Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 3.7 branch.
Fixes #42431 and #42401 for 3.7.

Note: See TracTickets for help on using tickets.