Use of rand() function instead of wp_rand()

[haritpanchal]

Filesystem API function wp_edit_theme_plugin_file using PHP rand() function rather than WP's wp_rand(). Can we enhance this as rand() is discouraged?

File path: wp-admin/includes/file.php
Line: 524 and 526

[sakibmd]

If we can want to use wp_rand() instead of rand() then it could be solution.

[sakibmd]

changes in file "wp-admin/includes/file.php" I just replace rand() by wp_rand()
If wp_rand() is encouraged to use.

[haritpanchal]

Looks good as it will bring consistency to the WP core.

[costdev]

Hi @haritpanchal, thanks for opening this ticket and to @sakibmd for the patch!

---

Testing Instructions

These steps define how to test the feature or enhancement, and indicates the expected behavior or results.

Steps to Test

1. Apply the patch.
2. Navigate to Appearance > Themes and ensure that a classic theme is activated.
3. Navigate to Appearance > Theme File Editor.
4. ✅ Open the functions.php file and add echo 'Howdy, admin!';. Click Update File.
5. ✅ Remove the ; and click Update File.
6. Navigate to Plugins > Plugin File Editor.
7. ✅ Open the main plugin file for an active plugin and add echo 'Howdy, admin!';. Click Update File.
8. ✅ Remove the ; and click Update File.

Expected Results

Lists each expected result or behavior, i.e. what should happen when running the test(s):

• ✅ The theme file should be updated successfully.
• ✅ The theme file should fail to update.
• ✅ The plugin file should be updated successfully.
• ✅ The plugin file should fail to update.

Notes

• Adding has-testing-info and needs-testing.
• Adding performance focus and pinging @flixos90 for thoughts regarding performance.

[haritpanchal]

Hi, @costdev. After applying the patch, I tested all the scenarios and found all were working perfectly. Both times files were failing to update whenever the ; was missing.

[naeemhaque]

Hello @costdev, I've tested the patch & it's working as expected results.

Bug Report

Description

This report validates whether the indicated patch works as expected.
Patch tested: https://core.trac.wordpress.org/attachment/ticket/57725/57725.diff

Environment

• WordPress: 6.6-alpha-57778-src
• PHP: 7.4.33
• Server: nginx/1.23.2
• Database: mysqli (Server: 8.0.36 / Client: mysqlnd 7.4.33)
• Browser: Chrome 124.0.0.0
• OS: macOS
• Theme: Twenty Twenty-Four 1.0
• MU Plugins: None activated
• Plugins:
  • Test Reports 1.1.0

Steps to Reproduce

1. Apply the patch.
2. Navigate to Appearance > Themes and ensure that a classic theme is activated.
3. Navigate to Appearance > Theme File Editor.
4. Open the functions.php file and add echo 'Howdy, admin!';. Click Update File.
5. Remove the, and click Update File.
6. Navigate to Plugins > Plugin File Editor.
7. Open the main plugin file for an active plugin and add echo 'Howdy, admin!';. Click Update File.
8. Remove the; and click Update File.

Expected Results

1. ✅ The theme file should be updated successfully.
2. ✅ The theme file should fail to update.
3. ✅ The plugin file should be updated successfully.
4. ✅ The plugin file should fail to update.

Actual Results

1. ✅ The theme file was updated successfully.
2. ✅ The theme file fails to update.
3. ✅ The plugin file was updated successfully.
4. ✅ The plugin file fails to update.