WordPress.org

Make WordPress Core

Opened 6 months ago

Closed 5 months ago

Last modified 3 months ago

#46613 closed defect (bug) (fixed)

Ensure plugin auto updates are blocked if required PHP version is not supported

Reported by: TimothyBlynJacobs Owned by: desrosj
Milestone: 5.2 Priority: normal
Severity: normal Version: 5.2
Component: Site Health Keywords: servehappy has-patch commit
Focuses: Cc:

Description

In #43987 and #44350 plugin updates were blocked from the UI if the PHP requirements were not met. This should be extended to prevent an auto update from skipping this check and being installed automatically.

I think doing the same requires_php checks from the UI in WP_Automatic_Updater::should_update() would work.

Attachments (4)

46613.diff (641 bytes) - added by davidbaumwald 6 months ago.
46613.2.diff (639 bytes) - added by davidbaumwald 6 months ago.
46613.3.diff (609 bytes) - added by davidbaumwald 6 months ago.
Updated patch to conform to WPCS
46613.4.diff (584 bytes) - added by desrosj 5 months ago.

Download all attachments as: .zip

Change History (15)

#1 @SergeyBiryukov
6 months ago

  • Milestone changed from Awaiting Review to 5.2

@davidbaumwald
6 months ago

#2 @davidbaumwald
6 months ago

  • Keywords needs-patch removed

#3 @davidbaumwald
6 months ago

  • Keywords has-patch added

#4 follow-up: @afragen
6 months ago

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this. 😉

Last edited 6 months ago by afragen (previous) (diff)

#5 in reply to: ↑ 4 @davidbaumwald
6 months ago

Replying to afragen:

If this is the correct place for the test can we reverse the version_compare So we don’t need !.

Another advantage of having a function handle this.

@afragen Good point. Whether or not the placement is correct, I've updated the patch for code brevity.

If it needs to be moved elsewhere, let me know.

@davidbaumwald
6 months ago

Updated patch to conform to WPCS

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


5 months ago

#7 @desrosj
5 months ago

  • Owner set to desrosj
  • Status changed from new to reviewing

@desrosj
5 months ago

#8 @desrosj
5 months ago

46613.4.diff updates the version compare to not include =. If the version returned by phpinfo() is exactly the same as the required minimum version, then the update should be allowed.

Also, I have reversed the comparison to so that the local version is listed first in the comparison. This matches the two other version_compare() calls above making it a little harder to get tripped up.

Version 0, edited 5 months ago by desrosj (next)

#9 @desrosj
5 months ago

  • Keywords commit added

#10 @desrosj
5 months ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45165:

Upgrade/Install: Prevent plugin auto updates if PHP version requirements are not satisfied.

In [44937] and [44939], changes were made to prevent a user from updating any plugin that requires a higher version of PHP than the site is running. This compliments those changes to also prevent plugins from being auto updated when the same requirements are not met.

Props: TimothyBlynJacobs, davidbaumwald.
Fixes #46613.

#11 @spacedmonkey
3 months ago

  • Component changed from Upgrade/Install to Site Health
Note: See TracTickets for help on using tickets.