The `_mb_substr()` function expects a string for the `$str` parameter, but does not do input validation. This function contains a `preg_match_all()` which also expects a string type for the given subject (i.e. `$str`).
Passing `null` to this parameter results in `preg_match_all(): Passing null to parameter #2 ($subject) of type string is deprecated` notice on PHP 8.1.
To maintain the same behaviour as before, a guard clause is added to bail out early when `$str` is passed as `null`. The outcome will, in that case, only ever be an empty string.
Note: this does mean that the `_mb_substr()` function now has a subtle difference in behaviour compared to the PHP native `mb_substr()` function as the latter ''will'' throw the deprecation notice.
The existing tests already cover this issue.
Follow-up to [17621], [36017], [32364].
Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51853
git-svn-id: http://core.svn.wordpress.org/trunk@51452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Document that WebP constants are only defined in PHP 7.1+.
* Correct the `$filename` parameter type in `wp_get_webp_info()`.
* Use a consistent message when skipping tests due to the lack of WebP support.
* Remove unnecessary `else` branches after `markTestSkipped()`.
* Replace `assertEquals()` with more appropriate assertions.
Follow-up to [50810].
See #35725.
Built from https://develop.svn.wordpress.org/trunk@50814
git-svn-id: http://core.svn.wordpress.org/trunk@50423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add support for uploading, editing and saving WebP images when supported by the server.
Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.
Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes#35725.
Built from https://develop.svn.wordpress.org/trunk@50810
git-svn-id: http://core.svn.wordpress.org/trunk@50419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193
git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.
Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.
Props alishanvr, jrf.
Fixes#50426.
Built from https://develop.svn.wordpress.org/trunk@48109
git-svn-id: http://core.svn.wordpress.org/trunk@47878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The PHP native JSON extension has been bundled and compiled with PHP by default since version 5.2.0. Because the minimum version of PHP required by WordPress is now 5.6.20 (see #46594 and [45058]), JSON extension related polyfills and backwards compatibility code can now be removed.
This change removes the `json_last_error_msg()` and `JsonSerializable` polyfills included in WordPress for full JSON extension support in PHP < 5.6.
Follow up of [46205-46206].
See #47699.
Props jrf, Clorith, pento.
Built from https://develop.svn.wordpress.org/trunk@46208
git-svn-id: http://core.svn.wordpress.org/trunk@46020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of PHP 5.3, the SPL extension cannot be disabled, so we no longer need this polyfill.
The file is kept with a `_deprecated_file()` call, to alert any plugins or themes that may be loading it directly.
Props jrf, ayeshrajans.
See #47698, #46630.
Built from https://develop.svn.wordpress.org/trunk@45637
git-svn-id: http://core.svn.wordpress.org/trunk@45448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.
See #46732.
Built from https://develop.svn.wordpress.org/trunk@45611
git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a pure PHP implementation of the cryptographic functions supported in PHP 7.2+. It provides the necessary backwards compatibility required to support signature verification and other security features going forward across all supported PHP versions.
Props paragoninitiativeenterprises
Fixes#45806. See #39309.
Built from https://develop.svn.wordpress.org/trunk@44953
git-svn-id: http://core.svn.wordpress.org/trunk@44784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `__autoload()` function is deprecated in PHP 7.2, which means WordPress' own `__autoload()` compat function for PHP 5.2 needs to be moved into a separate file to prevent the PHP 7.2 compiler from complaining.
Props ayeshrajans
See #40109
Built from https://develop.svn.wordpress.org/trunk@41178
git-svn-id: http://core.svn.wordpress.org/trunk@41018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37748] introduced `_wp_expand_nav_menu_post_data()` together with an `array_replace_recursive()` compatibility function for PHP 5.2.
Even though that compat function is tried and tested in other projects like BuddyPress, we need to add additional `isset()` checks in order to avoid 'Undefined index' notices in our case.
See #36590.
Built from https://develop.svn.wordpress.org/trunk@37750
git-svn-id: http://core.svn.wordpress.org/trunk@37715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
Built from https://develop.svn.wordpress.org/trunk@37748
git-svn-id: http://core.svn.wordpress.org/trunk@37713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Take Two, this was previously committed in [34922] but had an issue on PHP 5.2 which sarciszewski has now resolved.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34981
git-svn-id: http://core.svn.wordpress.org/trunk@34946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34922
git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd