Make WordPress Core

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#52560 closed defect (bug) (fixed)

Fatal error handler references recovery mode email, which may not have actually been sent

Reported by: stevegrunwell's profile stevegrunwell Owned by: jorbin's profile jorbin
Milestone: 5.8 Priority: normal
Severity: normal Version: 5.2
Component: Bootstrap/Load Keywords: good-first-bug has-patch
Focuses: Cc:

Description

In troubleshooting a client issue, I've stumbled upon a potential cause for some of the trac tickets regarding the recovery email not being sent (e.g. #52201, #51634, #52207, and others):

The recovery mode email is sent from within the WP_Recovery_Mode::handle_error() method, but that method is only called by the fatal error handler if WP_Recovery_Mode has been initialized.

This initialization occurs in wp-settings.php after the MU plugins have been loaded; as a result, WP_Recovery_Mode::handle_error() will not be called for any errors that occur during the loading of MU plugins (or anywhere else prior to initialization).

Meanwhile, the messaging for the default error template uses is_protected_endpoint() as its sole criteria for whether it should include the "Please check your site admin email inbox for instructions." sentence.

All together, this means that a fatal error that occurs on a protected endpoint before wp_recovery_mode()->initialize() is called — be it from core or an MU plugin — will trigger an error screen telling the user to look for an email that will never be sent.

It seems like there are two possible solutions to this problem:

  1. Initialize recovery mode earlier in the process
  2. Update the conditional within WP_Fatal_Error_Handler::display_default_error_template() to only mention the email if one has actually been sent.

Change History (4)

#1 @TimothyBlynJacobs
3 years ago

  • Keywords needs-patch good-first-bug added
  • Milestone changed from Awaiting Review to 5.8
  • Version set to 5.2

Thanks for the ticket @stevegrunwell!

Yeah, it is intentional that recovery mode isn't initialized until after MU Plugins have been loaded since we can't "deactivate" MU Plugins.

I think your second suggestion is the right one. We could probably check wp_recovery_mode->is_initialized().

This ticket was mentioned in PR #1054 on WordPress/wordpress-develop by reynhartono.


3 years ago
#2

  • Keywords has-patch added; needs-patch removed

#3 @jorbin
3 years ago

  • Owner set to jorbin
  • Resolution set to fixed
  • Status changed from new to closed

In 51076:

Booststrap/Load: Only reference recovery mode email when it can be sent.

The recovery mode email is sent from within the WP_Recovery_Mode::handle_error() method, but that method is only called by the fatal error handler if WP_Recovery_Mode has been initialized. This adjusts the message to only say the email has been sent if it can be sent.

Props reynhartono, stevegrunwell for initial plan.
Fixes #52560.

Note: See TracTickets for help on using tickets.