From 6b50b3e9fea7283118b0d2efdaf6908b777eb68d Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Tue, 7 Feb 2023 03:34:15 +0000 Subject: [PATCH] Formatting: Guard `wp_strip_all_tags()` against fatal errors. Check the input of `wp_strip_all_tags()` before passing it to `strip_tags()`. This protects against fatal errors introduced in PHP 8, retaining the `E_USER_WARNING` from PHP 7, and prevents a PHP 8.1 deprecation notice when passing null. Props chocofc1, costdev, jrf, dd32, audrasjb, peterwilsoncc. Fixes #56434. Built from https://develop.svn.wordpress.org/trunk@55245 git-svn-id: http://core.svn.wordpress.org/trunk@54778 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/formatting.php | 26 ++++++++++++++++++++++++++ wp-includes/version.php | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index c76e8730fe..fc3770cfaf 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -5395,6 +5395,32 @@ function normalize_whitespace( $str ) { * @return string The processed string. */ function wp_strip_all_tags( $text, $remove_breaks = false ) { + if ( is_null( $text ) ) { + return ''; + } + + if ( ! is_scalar( $text ) ) { + /* + * To maintain consistency with pre-PHP 8 error levels, + * trigger_error() is used to trigger an E_USER_WARNING, + * rather than _doing_it_wrong(), which triggers an E_USER_NOTICE. + */ + trigger_error( + sprintf( + /* translators: 1: The function name, 2: The argument number, 3: The argument name, 4: The expected type, 5: The provided type. */ + __( 'Warning: %1$s expects parameter %2$s (%3$s) to be a %4$s, %5$s given.' ), + __FUNCTION__, + '#1', + '$text', + 'string', + gettype( $text ) + ), + E_USER_WARNING + ); + + return ''; + } + $text = preg_replace( '@<(script|style)[^>]*?>.*?@si', '', $text ); $text = strip_tags( $text ); diff --git a/wp-includes/version.php b/wp-includes/version.php index 8e4833a96e..084edb8192 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.2-alpha-55244'; +$wp_version = '6.2-alpha-55245'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.