Options, Meta APIs: Improve error handling in sanitize_option().

To prevent potential false negatives, set `$error` to `null` initially, so we can better tell if it was ever changed during the sanitization and be able to better react if an empty string is added to it.

Additionally, and mainly for the sake of the Settings API at this point, add error messages to some `WP_Error` objects returned from `wpdb` methods that were previously causing the issues here.

Follow-up to [32791].

Props iCaleb, audrasjb, hellofromTonya, SergeyBiryukov.
Fixes #53986.
Built from https://develop.svn.wordpress.org/trunk@52294


git-svn-id: http://core.svn.wordpress.org/trunk@51886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2021-11-30 21:03:00 +00:00
parent 2b2313d56b
commit 566d5d2170
3 changed files with 13 additions and 6 deletions

View File

@ -4711,7 +4711,7 @@ function sanitize_option( $option, $value ) {
global $wpdb; global $wpdb;
$original_value = $value; $original_value = $value;
$error = ''; $error = null;
switch ( $option ) { switch ( $option ) {
case 'admin_email': case 'admin_email':
@ -4919,7 +4919,9 @@ function sanitize_option( $option, $value ) {
$value = str_replace( 'http://', '', $value ); $value = str_replace( 'http://', '', $value );
} }
if ( 'permalink_structure' === $option && '' !== $value && ! preg_match( '/%[^\/%]+%/', $value ) ) { if ( 'permalink_structure' === $option && null === $error
&& '' !== $value && ! preg_match( '/%[^\/%]+%/', $value )
) {
$error = sprintf( $error = sprintf(
/* translators: %s: Documentation URL. */ /* translators: %s: Documentation URL. */
__( 'A structure tag is required when using custom permalinks. <a href="%s">Learn more</a>' ), __( 'A structure tag is required when using custom permalinks. <a href="%s">Learn more</a>' ),
@ -4948,7 +4950,12 @@ function sanitize_option( $option, $value ) {
break; break;
} }
if ( ! empty( $error ) ) { if ( null !== $error ) {
if ( '' === $error && is_wp_error( $value ) ) {
/* translators: 1: Option name, 2: Error code. */
$error = sprintf( __( 'Could not sanitize the %1$s option. Error code: %2$s' ), $option, $value->get_error_code() );
}
$value = get_option( $option ); $value = get_option( $option );
if ( function_exists( 'add_settings_error' ) ) { if ( function_exists( 'add_settings_error' ) ) {
add_settings_error( $option, "invalid_{$option}", $error ); add_settings_error( $option, "invalid_{$option}", $error );

View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '5.9-alpha-52293'; $wp_version = '5.9-alpha-52294';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

View File

@ -2885,7 +2885,7 @@ class wpdb {
$table = '`' . implode( '`.`', $table_parts ) . '`'; $table = '`' . implode( '`.`', $table_parts ) . '`';
$results = $this->get_results( "SHOW FULL COLUMNS FROM $table" ); $results = $this->get_results( "SHOW FULL COLUMNS FROM $table" );
if ( ! $results ) { if ( ! $results ) {
return new WP_Error( 'wpdb_get_table_charset_failure' ); return new WP_Error( 'wpdb_get_table_charset_failure', __( 'Could not retrieve table charset.' ) );
} }
foreach ( $results as $column ) { foreach ( $results as $column ) {
@ -3327,7 +3327,7 @@ class wpdb {
$this->check_current_query = false; $this->check_current_query = false;
$row = $this->get_row( 'SELECT ' . implode( ', ', $sql ), ARRAY_A ); $row = $this->get_row( 'SELECT ' . implode( ', ', $sql ), ARRAY_A );
if ( ! $row ) { if ( ! $row ) {
return new WP_Error( 'wpdb_strip_invalid_text_failure' ); return new WP_Error( 'wpdb_strip_invalid_text_failure', __( 'Could not strip invalid text.' ) );
} }
foreach ( array_keys( $data ) as $column ) { foreach ( array_keys( $data ) as $column ) {