From 89e665383f0fd6c195374483237183d59a5687ca Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov.ru@gmail.com>
Date: Mon, 24 Oct 2022 14:49:15 +0000
Subject: [PATCH] KSES: Display a notice if any of the required globals are not
 set.

When using the `CUSTOM_TAGS` constant, these global variables should be set to arrays:

* `$allowedposttags`
* `$allowedtags`
* `$allowedentitynames`
* `$allowedxmlentitynames`

This commit aims to improve developer experience by displaying a more helpful message to explain a PHP fatal error further in the code if any of these globals are either not set or not an array.

Note Using `CUSTOM_TAGS` is not recommended and should be considered deprecated. The `wp_kses_allowed_html` filter is more powerful and supplies context.

Follow-up to [832], [834], [2896], [13358], [21796], [28845], [43016], [48072].

Props doctorlai, pento, KnowingArt_com, bosconiandynamics, TJNowell, ironprogrammer, audrasjb, mukesh27, SergeyBiryukov.
Fixes #47357.
Built from https://develop.svn.wordpress.org/trunk@54672


git-svn-id: http://core.svn.wordpress.org/trunk@54224 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/kses.php    | 34 ++++++++++++++++++++++++++++++++++
 wp-includes/version.php |  2 +-
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/wp-includes/kses.php b/wp-includes/kses.php
index 5dddfd023e..b1b7c7319a 100644
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -36,6 +36,13 @@
  * Using `CUSTOM_TAGS` is not recommended and should be considered deprecated. The
  * {@see 'wp_kses_allowed_html'} filter is more powerful and supplies context.
  *
+ * When using this constant, make sure to set all of these globals to arrays:
+ *
+ *  - `$allowedposttags`
+ *  - `$allowedtags`
+ *  - `$allowedentitynames`
+ *  - `$allowedxmlentitynames`
+ *
  * @see wp_kses_allowed_html()
  * @since 1.2.0
  *
@@ -685,6 +692,33 @@ if ( ! CUSTOM_TAGS ) {
 
 	$allowedposttags = array_map( '_wp_add_global_attributes', $allowedposttags );
 } else {
+	$required_kses_globals = array(
+		'allowedposttags',
+		'allowedtags',
+		'allowedentitynames',
+		'allowedxmlentitynames',
+	);
+	$missing_kses_globals  = array();
+
+	foreach ( $required_kses_globals as $global_name ) {
+		if ( ! isset( $GLOBALS[ $global_name ] ) || ! is_array( $GLOBALS[ $global_name ] ) ) {
+			$missing_kses_globals[] = '<code>$' . $global_name . '</code>';
+		}
+	}
+
+	if ( $missing_kses_globals ) {
+		_doing_it_wrong(
+			'wp_kses_allowed_html',
+			sprintf(
+				/* translators: 1: CUSTOM_TAGS, 2: Global variable names. */
+				__( 'When using the %1$s constant, make sure to set these globals to an array: %2$s.' ),
+				'<code>CUSTOM_TAGS</code>',
+				implode( ', ', $missing_kses_globals )
+			),
+			'6.2.0'
+		);
+	}
+
 	$allowedtags     = wp_kses_array_lc( $allowedtags );
 	$allowedposttags = wp_kses_array_lc( $allowedposttags );
 }
diff --git a/wp-includes/version.php b/wp-includes/version.php
index c51d5ce726..96d3993af6 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '6.2-alpha-54670';
+$wp_version = '6.2-alpha-54672';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.