WordPress.org

Make WordPress Core

Opened 11 months ago

Closed 11 months ago

Last modified 8 months ago

#46613 closed defect (bug) (fixed)

Ensure plugin auto updates are blocked if required PHP version is not supported

Reported by: TimothyBlynJacobs Owned by: desrosj
Milestone: 5.2 Priority: normal
Severity: normal Version: 5.2
Component: Site Health Keywords: servehappy has-patch commit
Focuses: Cc:

Description

In #43987 and #44350 plugin updates were blocked from the UI if the PHP requirements were not met. This should be extended to prevent an auto update from skipping this check and being installed automatically.

I think doing the same requires_php checks from the UI in WP_Automatic_Updater::should_update() would work.

Attachments (4)

46613.diff (641 bytes) - added by davidbaumwald 11 months ago.
46613.2.diff (639 bytes) - added by davidbaumwald 11 months ago.
46613.3.diff (609 bytes) - added by davidbaumwald 11 months ago.
Updated patch to conform to WPCS
46613.4.diff (584 bytes) - added by desrosj 11 months ago.

Download all attachments as: .zip

Change History (15)

#1 @SergeyBiryukov
11 months ago

  • Milestone changed from Awaiting Review to 5.2

#2 @davidbaumwald
11 months ago

  • Keywords needs-patch removed

#3 @davidbaumwald
11 months ago

  • Keywords has-patch added

#4 follow-up: @afragen
11 months ago

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this. 😉

Last edited 11 months ago by afragen (previous) (diff)

#5 in reply to: ↑ 4 @davidbaumwald
11 months ago

Replying to afragen:

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this.

@afragen Good point. Whether or not the placement is correct, I've updated the patch for code brevity.

If it needs to be moved elsewhere, let me know.

@davidbaumwald
11 months ago

Updated patch to conform to WPCS

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


11 months ago

#7 @desrosj
11 months ago

  • Owner set to desrosj
  • Status changed from new to reviewing

@desrosj
11 months ago

#8 @desrosj
11 months ago

46613.4.diff updates the version compare to not include =. If the version returned by phpinfo() is exactly the same as the required minimum version, then the update should be allowed.

Also, I have reversed the comparison so that the local version is listed first in the comparison. This matches the two other version_compare() calls above making it a little harder to get tripped up.

Last edited 11 months ago by desrosj (previous) (diff)

#9 @desrosj
11 months ago

  • Keywords commit added

#10 @desrosj
11 months ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45165:

Upgrade/Install: Prevent plugin auto updates if PHP version requirements are not satisfied.

In [44937] and [44939], changes were made to prevent a user from updating any plugin that requires a higher version of PHP than the site is running. This compliments those changes to also prevent plugins from being auto updated when the same requirements are not met.

Props: TimothyBlynJacobs, davidbaumwald.
Fixes #46613.

#11 @spacedmonkey
8 months ago

  • Component changed from Upgrade/Install to Site Health
Note: See TracTickets for help on using tickets.