Fatal error after entered the empty value for 'Max upload file size' in wordpress network

[mjkhajeh]

Hi, I entered the empty value for 'Max upload file size' in the wordpress network and WordPress is down.

<b>Fatal error</b>:  Uncaught TypeError: Unsupported operand types: string * int in /var/www/html/wordpress/wp-includes/ms-functions.php:2709
Stack trace:
#0 /var/www/html/wordpress/wp-includes/class-wp-hook.php(309): upload_size_limit_filter()
#1 /var/www/html/wordpress/wp-includes/plugin.php(191): WP_Hook-&gt;apply_filters()
#2 /var/www/html/wordpress/wp-includes/media.php(3751): apply_filters()
#3 /var/www/html/wordpress/wp-includes/block-editor.php(156): wp_max_upload_size()
#4 /var/www/html/wordpress/wp-includes/class-wp-theme-json-resolver.php(199): get_default_block_editor_settings()
#5 /var/www/html/wordpress/wp-includes/class-wp-theme-json-resolver.php(384): WP_Theme_JSON_Resolver::get_theme_data()
#6 /var/www/html/wordpress/wp-includes/script-loader.php(3076): WP_Theme_JSON_Resolver::get_merged_data()
#7 /var/www/html/wordpress/wp-includes/script-loader.php(3272): {closure}()
#8 /var/www/html/wordpress/wp-includes/class-wp-hook.php(307): {closure}()
#9 /var/www/html/wordpress/wp-includes/class-wp-hook.php(331): WP_Hook-&gt;apply_filters()
#10 /var/www/html/wordpress/wp-includes/plugin.php(476): WP_Hook-&gt;do_action()
#11 /var/www/html/wordpress/wp-settings.php(620): do_action()
#12 /var/www/html/wordpress/wp-config.php(103): require_once('...')
#13 /var/www/html/wordpress/wp-load.php(50): require_once('...')
#14 /var/www/html/wordpress/wp-admin/admin.php(34): require_once('...')
#15 /var/www/html/wordpress/wp-admin/network/admin.php(13): require_once('...')
#16 /var/www/html/wordpress/wp-admin/network/settings.php(11): require_once('...')
#17 {main}
  thrown in <b>/var/www/html/wordpress/wp-includes/ms-functions.php</b> on line <b>2709</b><br />

For updating options, I use default values, compare new values with default, and then update them. Maybe this method also works for you:

wp-admin/network/settings.php:111

<?php
$defaults = [
        'fileupload_maxk'       => 1500,
];

---

wp-admin/network/settings.php:123(After inserting $defaults. otherwise: 121)

<?php
if ( ! isset( $_POST[ $option_name ] ) && !isset( $defaults[$option_name] ) ) {
        continue;
} else if( isset( $defaults[$option_name] ) ) {
        $value = $defaults[$option_name];
}

[mjkhajeh]

Snippet

Fixed Fatal error for Network site,
Ref #55926

[kebbet]

The linked PR seems to have unrelated changes in src/wp-content/themes/twentyseventeen/assets/css/blocks.css. So marking for needs refresh.

[audrasjb]

I refreshed the PR to remove unwanted changes, but I think we could also make the inline comment more generic, just in case we want to use it for other default values in the future.

[SergeyBiryukov]

Hi there, thanks for the ticket and the PR!

I'm not sure adding a default value for fileupload_maxk on Network Settings screen is the right approach here:

• It's not quite clear why of 20+ settings on that page, only one should have a default value.
• The current PR, unless I'm missing something, would always save the 1500 value instead of the entered value.

I think a better solution would be to sanitize fileupload_maxk with absint() in sanitize_option(), like we already do for other numeric options, see 55926.diff​. That would replace an empty value with zero, which seems to match the intention of entering an empty value in the first place.

Since upload_size_limit_filter() is the function that throws a fatal error here, a unit test for it would also be great.

[SergeyBiryukov]

Related: #27224

[audrasjb]

Indeed, sanitizing the value with absint() seems like the best option so far.

[mjkhajeh]

That's right. So it can be good if you check other options too. isn't it?

This PR uses the solution from https://core.trac.wordpress.org/attachment/ticket/55926/55926.diff and also casts the fileupload_maxk site option to an int in upload_size_limit_filter(). It also adds some unit tests for that function.

Trac ticket: https://core.trac.wordpress.org/ticket/55926

[audrasjb]

PR 3271 combines the best of both approaches :D
Let's go with this. I'll give it a quick test then commit.

[audrasjb]

In 54482:

Networks and Sites: Ensure fileupload_maxk is an int to avoid potential fatal errors.

This changeset fixes a potential fatal error, for example when "Max upload file size" setting is set to an empty value. It also adds unit tests for upload_size_limit_filter.

Props mjkhajeh, bhrugesh12, SergeyBiryukov, kebbet, audrasjb, felipeelia.
Fixes #55926.

Committed in https://core.trac.wordpress.org/changeset/54482