In all four of the `get_option()`, `add_option()`, `update_option()` and `delete_option()` functions, the `$option` parameter (i.e. the option name) is passed to the PHP native `trim()` function without prior input validation.
In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` for each of these functions.
`trim()`:
- expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace.
- will always return a `string`, which means that in practice for any non-string values passed, it would effectively function as a type cast to string.
This commit:
- Adds a check to verify the `$option` name is a scalar before processing it with `trim()`.
- The "type cast" behavior is maintained.
- If the given `$option` name is not a scalar, such as `null`, the fix prevents the PHP 8.1 deprecation notice.
- Tests are added for valid but undesired option names to safeguard against regressions.
This issue is already covered by:
- the existing `Tests_Option_Option::test_bad_option_names()` test group.
- the new `test_valid_but_undesired_option_names()` tests.
Follow-up to [13858], [22633], [23510], [25002], [51817].
Props jrf, hellofromTonya, pbearne.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51818
git-svn-id: http://core.svn.wordpress.org/trunk@51425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are two pieces in here:
1) The update to change blacklist to blocklist is moved to disallowed_list. "Block" has a meaning in our code, and there could be ambiguity between this code and code related to blocks.
2) This improves backwards compatibility for code that was accessing the now deprecated code.
Previously: [48477], [48405], [48400], [48121], [48122], [48124], [48142], [48566]
Props: desrosj, SergeyBiryukov, johnjamesjacoby
Fixes: #50413
Built from https://develop.svn.wordpress.org/trunk@48575
git-svn-id: http://core.svn.wordpress.org/trunk@48337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change renames `$new_whitelist_options` to `$new_allowed_options`. This makes the variable’s purpose more clear, and promotes using more inclusive language.
For backwards compatibility, the new variable is passed by reference to the old one.
Follow up to [48121].
Props ayeshrajans, desrosj, jorbin, SergeyBiryukov.
See #50413.
Fixes#50434.
Built from https://develop.svn.wordpress.org/trunk@48477
git-svn-id: http://core.svn.wordpress.org/trunk@48246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.
The documentation is referring to the latter.
Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185
git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
Built from https://develop.svn.wordpress.org/trunk@48121
git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Every time an autoloaded option is updated or deleted, the `alloptions` cache is similarly updated. Due to the race condition, on any autoloaded option being updated, every other autoloaded option had its value set to the value at load time, causing a mismatch between the data in the persistent cache and the database.
This change introduces a `$force_cache` parameter for `wp_load_alloptions()` to force an update of the local `alloptions` cache from the persistent cache when an option is added, updated, or deleted, to minimize the chance of affecting other options.
Props fabifott, rmccue, tollmanz, johnjamesjacoby, spacedmonkey, dd32, jipmoors, tellyworth, jeremyclarke, joehoyle, boonebgorges, danielbachhuber, flixos90, jeichorn, mihdan, Grzegorz.Janoszka, SergeyBiryukov.
See #31245.
Built from https://develop.svn.wordpress.org/trunk@46753
git-svn-id: http://core.svn.wordpress.org/trunk@46553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.
Includes minor code layout fixes.
Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!
Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes#44360.
Built from https://develop.svn.wordpress.org/trunk@45926
git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
Built from https://develop.svn.wordpress.org/trunk@43571
git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, the `{$network_id}:notoptions` cache would only be fetched, but not set, unless the actual database lookup would be unsuccessful. This enhancement slightly improves performance by preventing unnecessary external object cache lookups if one is used.
Fixes#43506.
Built from https://develop.svn.wordpress.org/trunk@42833
git-svn-id: http://core.svn.wordpress.org/trunk@42663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are situations where the REST API client wants to be able to read and set the permalink_structure option. Though this doesn’t fix the use case of front-end rendered unauthenticated websites, it still has utility as a setting in it’s own right.
Props aduth.
See #41014.
Built from https://develop.svn.wordpress.org/trunk@42359
git-svn-id: http://core.svn.wordpress.org/trunk@42188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.
`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.
Props sebastian.pisula, keesiemeijer.
Fixes#33958.
Built from https://develop.svn.wordpress.org/trunk@41627
git-svn-id: http://core.svn.wordpress.org/trunk@41462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change standardizes some language in the parameter descriptions between the two hook docs in an effort to reduce confusion between the `$pre_option` pseudo-parameters and the new `$default` ones. `$pre_option` is the truthy value used to short-circuit the `get_*option()` call, `$default` is the value passed to the `get_*option()` returned in the event that 1) a short circuit isn't performed, 2) the option doesn't exist.
Props sc0ttkclark.
Fixes#41254.
Built from https://develop.svn.wordpress.org/trunk@41013
git-svn-id: http://core.svn.wordpress.org/trunk@40863 1a063a9b-81f0-0310-95a4-ce76da25c4cd