Opened 8 weeks ago
Last modified 8 weeks ago
#62722 new defect (bug)
Fix all ABSPATH direct access errors
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | General | Keywords: | has-patch dev-feedback |
Focuses: | Cc: |
Description
We host WooCommerce.com, and our logs are flooded with ABSPATH errors due to possibly bots accessing random URLs.
I see that this was already reported in #61314, #61286, #61277, #61912, #55936. The aim of this ticket is to resolve all "undefined ABSPATH" related issues.
Here is the easiest way to get all ABSPATH issues:
$ wp core download Downloading WordPress 6.7.1 (en_US)... md5 hash verified: fae7bae13a158496ab884b6cdb0c5c03 Success: WordPress downloaded. $ wp config create --dbname=wordpress --dbuser=root Success: Generated 'wp-config.php' file. $ wp db create Success: Database created. $ wp core install --url=localhost:8080 --title="WordPress" --admin_user=bor0 --admin_password=asdf --admin_email=boro.sitnikovski@automattic.com Success: WordPress installed successfully. $ > ~/dev/log/error_log # empty error log $ find . -name '*.php' | sed 's|^\./||' | xargs -I {} echo "http://localhost:8080/{}" > urls.txt # generate urls $ xargs -P 10 -n 1 curl -s -o /dev/null < urls.txt # visit each url $ grep ABSPATH ~/dev/log/error_log | grep -o '/[^ ]*.php' | uniq /opt/homebrew/var/www/wp-settings.php /opt/homebrew/var/www/wp-admin/includes/class-wp-privacy-data-export-requests-list-table.php /opt/homebrew/var/www/wp-admin/includes/class-wp-upgrader.php /opt/homebrew/var/www/wp-admin/includes/nav-menu.php /opt/homebrew/var/www/wp-admin/includes/class-wp-privacy-data-removal-requests-list-table.php /opt/homebrew/var/www/wp-admin/includes/template.php /opt/homebrew/var/www/wp-includes/functions.php /opt/homebrew/var/www/wp-includes/blocks/require-dynamic-blocks.php /opt/homebrew/var/www/wp-includes/class-wp-customize-setting.php /opt/homebrew/var/www/wp-includes/class-wp-customize-panel.php /opt/homebrew/var/www/wp-includes/class-simplepie.php /opt/homebrew/var/www/wp-includes/cache.php /opt/homebrew/var/www/wp-includes/class-IXR.php /opt/homebrew/var/www/wp-includes/meta.php /opt/homebrew/var/www/wp-includes/ms-blogs.php /opt/homebrew/var/www/wp-includes/Requests/library/Requests.php /opt/homebrew/var/www/wp-includes/wp-diff.php /opt/homebrew/var/www/wp-includes/class-wp-customize-section.php /opt/homebrew/var/www/wp-includes/class-wp-customize-control.php /opt/homebrew/var/www/wp-includes/nav-menu-template.php /opt/homebrew/var/www/wp-includes/default-widgets.php /opt/homebrew/var/www/wp-includes/class-wp-http.php /opt/homebrew/var/www/wp-includes/ms-settings.php /opt/homebrew/var/www/wp-includes/script-loader.php
Props @raicem
Attachments (1)
Note: See
TracTickets for help on using
tickets.
The attached file looks to address all the ABSPATH issues. Note that there are other issues (such as
add_action
undefined, etc.) but I'd propose addressing those as separate trac issues.That is, after applying the patch, no ABSPATH errors are reported.
@SergeyBiryukov I'd like to get your attention on this ticket - since you're blazingly fast at helping out :)