Code Modernization: Check the return type of parse_url() on Plugin/Theme Editor screens.

As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.

Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]

While it is probably unlikely that someone would have a direct link to the plugin/theme editor on their home page or even on someone else's homepage, it is entirely possible for the referrer URL to not have a "path" component.

In PHP 8.1, this would lead to a `basename(): Passing null to parameter #1 ($string) of type string is deprecated` notice.

Changing the logic around and adding validation for the return type value of `parse_url()` prevents that.

Follow-up to [51606], [51622], [51626].

Props jrf, hellofromTonya, SergeyBiryukov.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51629


git-svn-id: http://core.svn.wordpress.org/trunk@51235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2021-08-17 21:56:58 +00:00
parent 28e10d9c17
commit 1ee5e68a94
3 changed files with 13 additions and 9 deletions

View File

@ -312,10 +312,12 @@ if ( ! in_array( 'plugin_editor_notice', $dismissed_pointers, true ) ) :
$excluded_referer_basenames = array( 'plugin-editor.php', 'wp-login.php' );
if ( $referer && ! in_array( basename( parse_url( $referer, PHP_URL_PATH ) ), $excluded_referer_basenames, true ) ) {
$return_url = $referer;
} else {
$return_url = admin_url( '/' );
if ( $referer ) {
$referer_path = parse_url( $referer, PHP_URL_PATH );
if ( is_string( $referer_path ) && ! in_array( basename( $referer_path ), $excluded_referer_basenames, true ) ) {
$return_url = $referer;
}
}
?>
<div id="file-editor-warning" class="notification-dialog-wrap file-editor-warning hide-if-no-js hidden">

View File

@ -343,10 +343,12 @@ if ( ! in_array( 'theme_editor_notice', $dismissed_pointers, true ) ) :
$excluded_referer_basenames = array( 'theme-editor.php', 'wp-login.php' );
if ( $referer && ! in_array( basename( parse_url( $referer, PHP_URL_PATH ) ), $excluded_referer_basenames, true ) ) {
$return_url = $referer;
} else {
$return_url = admin_url( '/' );
if ( $referer ) {
$referer_path = parse_url( $referer, PHP_URL_PATH );
if ( is_string( $referer_path ) && ! in_array( basename( $referer_path ), $excluded_referer_basenames, true ) ) {
$return_url = $referer;
}
}
?>
<div id="file-editor-warning" class="notification-dialog-wrap file-editor-warning hide-if-no-js hidden">

View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.9-alpha-51628';
$wp_version = '5.9-alpha-51629';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.