Opened 3 months ago
Last modified 3 months ago
#61577 new defect (bug)
health check count display bug
| Reported by: | gqevu6bsiz | Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 6.5.5 |
| Component: | Site Health | Keywords: | |
| Focuses: | administration | Cc: | |
Description
WP: 6.5.5
PHP: 8.2
I found this bug using OWASP ZAP.
I got this error:
PHP Fatal error: Uncaught TypeError: number_format(): Argument #1 ($num) must be of type float, string given in /wp-includes/functions.php:424
Stack trace:
#0 /wp-includes/functions.php(424): number_format()
#1 /wp-admin/menu.php(368): number_format_i18n()
#2 /wp-admin/admin.php(158): require('...')
#3 /wp-admin/index.php(10): require_once('...')
#4 {main}
thrown in /wp-includes/functions.php on line 424
Then I found that the error was in the code below.
wp-admin/menu.php, lines 349-369
	$get_issues = get_transient( 'health-check-site-status-result' );

	$issue_counts = array();

	if ( false !== $get_issues ) {
		$issue_counts = json_decode( $get_issues, true );
	}

	// Only guards against a missing or empty array, not against the type of each count.
	if ( ! is_array( $issue_counts ) || ! $issue_counts ) {
		$issue_counts = array(
			'good'        => 0,
			'recommended' => 0,
			'critical'    => 0,
		);
	}

	$site_health_count = sprintf(
		'<span class="menu-counter site-health-counter count-%s"><span class="count">%s</span></span>',
		$issue_counts['critical'],
		number_format_i18n( $issue_counts['critical'] ) // The call in the stack trace above: TypeError when 'critical' is a non-numeric string.
	);
An error occurs when the critical value is not a number.
I think this value is usually only a number, but in my case it was a string.
wp-admin/includes/ajax-actions.php, lines 5445-5455
	function wp_ajax_health_check_site_status_result() {
		check_ajax_referer( 'health-check-site-status-result' );

		if ( ! current_user_can( 'view_site_health_checks' ) ) {
			wp_send_json_error();
		}

		// $_POST['counts'] is stored as sent; nothing checks that each count is an integer.
		set_transient( 'health-check-site-status-result', wp_json_encode( $_POST['counts'] ) );

		wp_send_json_success();
	}
I think that OWASP ZAP probably sent the string in its request.
I think there is not enough validation when saving the transient data (health-check-site-status-result).
The error can be reproduced with the following code:
	add_action( 'admin_footer', 'example_admin_footer' );
	function example_admin_footer() {
		?>
		<script>
		jQuery( function( $ ) {
			const _wpnonce = '<?php echo esc_js( wp_create_nonce( 'health-check-site-status-result' ) ); ?>';
			// 'critical' is sent as a string instead of a number.
			const counts = {
				'critical': 'test',
				'good': 3,
				'recommended': 8
			};
			$.ajax( {
				type: 'post',
				url: ajaxurl,
				data: {
					'action': 'health-check-site-status-result',
					'_wpnonce': _wpnonce,
					'counts': counts
				}
			} ).done( function( xhr ) {
				console.log( xhr );
			} );
		} );
		</script>
		<?php
	}
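A hardened version of the handler, added here as an example and not code from WordPress core or from this ticket: the counts from `$_POST` are reduced to an allowlist of the three keys the menu reads, each coerced to a non-negative integer, before anything is written to the transient. The function names `example_sanitize_site_health_counts()` and `example_health_check_site_status_result()` are hypothetical, the handler is not hooked up to `admin-ajax.php` (registration is left to a plugin), and the WordPress functions it calls (`check_ajax_referer`, `current_user_can`, `wp_unslash`, `set_transient`, `wp_json_encode`, `wp_send_json_*`) are assumed to be available at request time. The sanitizer itself is plain PHP, so the file can also be run from the CLI outside WordPress with the ZAP-style payload from this ticket.

```php
<?php
/**
 * Added example, not WordPress core code.
 *
 * Reduce whatever arrived in $_POST['counts'] to exactly the keys
 * wp-admin/menu.php reads, each a non-negative integer, so that
 * number_format_i18n() can never receive a string such as 'test'.
 */
function example_sanitize_site_health_counts( $counts ) {
	$clean = array(
		'good'        => 0,
		'recommended' => 0,
		'critical'    => 0,
	);

	// Anything that is not an array (a bare string, null, ...) yields the defaults.
	if ( ! is_array( $counts ) ) {
		return $clean;
	}

	foreach ( array_keys( $clean ) as $key ) {
		if ( ! isset( $counts[ $key ] ) ) {
			continue;
		}
		$value = $counts[ $key ];

		// Accept a PHP integer or a digit-only string such as "3".
		// 'test', '1e3', '-1', booleans and nested arrays all keep the default 0.
		if ( is_int( $value ) && $value >= 0 ) {
			$clean[ $key ] = $value;
		} elseif ( is_string( $value ) && ctype_digit( $value ) ) {
			$clean[ $key ] = (int) $value;
		}
	}

	return $clean;
}

/**
 * Hypothetical replacement for wp_ajax_health_check_site_status_result():
 * same nonce and capability checks as the core handler quoted above,
 * but the payload is sanitized before it is stored.
 */
function example_health_check_site_status_result() {
	check_ajax_referer( 'health-check-site-status-result' );

	if ( ! current_user_can( 'view_site_health_checks' ) ) {
		wp_send_json_error();
	}

	$raw    = isset( $_POST['counts'] ) ? wp_unslash( $_POST['counts'] ) : array();
	$counts = example_sanitize_site_health_counts( $raw );

	set_transient( 'health-check-site-status-result', wp_json_encode( $counts ) );

	wp_send_json_success();
}

// Stand-alone check from the CLI (outside WordPress): the ZAP-style payload
// from this ticket, constructed here, is reduced to safe integers.
if ( PHP_SAPI === 'cli' && ! function_exists( 'add_action' ) ) {
	$payload = array( 'critical' => 'test', 'good' => 3, 'recommended' => '8' );
	echo json_encode( example_sanitize_site_health_counts( $payload ) ), PHP_EOL;
}
```

The allowlist is deliberately stricter than `absint()`: only integers and digit-only strings pass, so a value the Site Health JavaScript would never send falls back to 0 rather than being coerced. The read side in menu.php can apply the same coercion to `$issue_counts['critical']` before calling `number_format_i18n()`, which also protects sites that already have a bad value sitting in the transient.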
Change History (1)