WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#46613 closed defect (bug) (fixed)

Ensure plugin auto updates are blocked if required PHP version is not supported

Reported by: TimothyBlynJacobs Owned by: desrosj
Milestone: 5.2 Priority: normal
Severity: normal Version: 5.2
Component: Site Health Keywords: servehappy has-patch commit
Focuses: Cc:

Description

In #43987 and #44350 plugin updates were blocked from the UI if the PHP requirements were not met. This should be extended to prevent an auto update from skipping this check and being installed automatically.

I think doing the same requires_php checks from the UI in WP_Automatic_Updater::should_update() would work.

Attachments (4)

46613.diff (641 bytes) - added by davidbaumwald 2 years ago.
46613.2.diff (639 bytes) - added by davidbaumwald 2 years ago.
46613.3.diff (609 bytes) - added by davidbaumwald 2 years ago.
Updated patch to conform to WPCS
46613.4.diff (584 bytes) - added by desrosj 2 years ago.

Download all attachments as: .zip

Change History (15)

#1 @SergeyBiryukov
2 years ago

  • Milestone changed from Awaiting Review to 5.2

@davidbaumwald
2 years ago

#2 @davidbaumwald
2 years ago

  • Keywords needs-patch removed

#3 @davidbaumwald
2 years ago

  • Keywords has-patch added

#4 follow-up: @afragen
2 years ago

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this. 😉

Last edited 2 years ago by afragen (previous) (diff)

#5 in reply to: ↑ 4 @davidbaumwald
2 years ago

Replying to afragen:

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this.

@afragen Good point. Whether or not the placement is correct, I've updated the patch for code brevity.

If it needs to be moved elsewhere, let me know.

@davidbaumwald
2 years ago

Updated patch to conform to WPCS

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


2 years ago

#7 @desrosj
2 years ago

  • Owner set to desrosj
  • Status changed from new to reviewing

@desrosj
2 years ago

#8 @desrosj
2 years ago

46613.4.diff updates the version compare to not include =. If the version returned by phpinfo() is exactly the same as the required minimum version, then the update should be allowed.

Also, I have reversed the comparison so that the local version is listed first in the comparison. This matches the two other version_compare() calls above making it a little harder to get tripped up.

Last edited 2 years ago by desrosj (previous) (diff)

#9 @desrosj
2 years ago

  • Keywords commit added

#10 @desrosj
2 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45165:

Upgrade/Install: Prevent plugin auto updates if PHP version requirements are not satisfied.

In [44937] and [44939], changes were made to prevent a user from updating any plugin that requires a higher version of PHP than the site is running. This compliments those changes to also prevent plugins from being auto updated when the same requirements are not met.

Props: TimothyBlynJacobs, davidbaumwald.
Fixes #46613.

#11 @spacedmonkey
2 years ago

  • Component changed from Upgrade/Install to Site Health
Note: See TracTickets for help on using tickets.