From 4fe5f325ad937e51edbc8ef7eb1d9fe6d89c3798 Mon Sep 17 00:00:00 2001 From: hellofromTonya Date: Wed, 15 Sep 2021 22:19:58 +0000 Subject: [PATCH] Options, Meta APIs: Fix "passing null to non-nullable" deprecations to `(get|add|update|delete)_option()`. In all four of the `get_option()`, `add_option()`, `update_option()` and `delete_option()` functions, the `$option` parameter (i.e. the option name) is passed to the PHP native `trim()` function without prior input validation. In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` for each of these functions. `trim()`: - expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace. - will always return a `string`, which means that in practice for any non-string values passed, it would effectively function as a type cast to string. This commit: - Adds a check to verify the `$option` name is a scalar before processing it with `trim()`. - The "type cast" behavior is maintained. - If the given `$option` name is not a scalar, such as `null`, the fix prevents the PHP 8.1 deprecation notice. - Tests are added for valid but undesired option names to safeguard against regressions. This issue is already covered by: - the existing `Tests_Option_Option::test_bad_option_names()` test group. - the new `test_valid_but_undesired_option_names()` tests. Follow-up to [13858], [22633], [23510], [25002], [51817]. Props jrf, hellofromTonya, pbearne. See #53635. Built from https://develop.svn.wordpress.org/trunk@51818 git-svn-id: http://core.svn.wordpress.org/trunk@51425 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/option.php | 20 ++++++++++++++++---- wp-includes/version.php | 2 +- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/wp-includes/option.php b/wp-includes/option.php index ec41b060ae..dc2195949f 100644 --- a/wp-includes/option.php +++ b/wp-includes/option.php @@ -77,7 +77,10 @@ function get_option( $option, $default = false ) { global $wpdb; - $option = trim( $option ); + if ( is_scalar( $option ) ) { + $option = trim( $option ); + } + if ( empty( $option ) ) { return false; } @@ -378,7 +381,10 @@ function wp_load_core_site_options( $network_id = null ) { function update_option( $option, $value, $autoload = null ) { global $wpdb; - $option = trim( $option ); + if ( is_scalar( $option ) ) { + $option = trim( $option ); + } + if ( empty( $option ) ) { return false; } @@ -565,7 +571,10 @@ function add_option( $option, $value = '', $deprecated = '', $autoload = 'yes' ) _deprecated_argument( __FUNCTION__, '2.3.0' ); } - $option = trim( $option ); + if ( is_scalar( $option ) ) { + $option = trim( $option ); + } + if ( empty( $option ) ) { return false; } @@ -687,7 +696,10 @@ function add_option( $option, $value = '', $deprecated = '', $autoload = 'yes' ) function delete_option( $option ) { global $wpdb; - $option = trim( $option ); + if ( is_scalar( $option ) ) { + $option = trim( $option ); + } + if ( empty( $option ) ) { return false; } diff --git a/wp-includes/version.php b/wp-includes/version.php index aa9317b8bc..119e9808de 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '5.9-alpha-51817'; +$wp_version = '5.9-alpha-51818'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.