[wp-trac] [WordPress Trac] #48693: Silence ini_set caused error or check if function_exists first
WordPress Trac
noreply at wordpress.org
Fri Feb 7 06:08:04 UTC 2020
#48693: Silence ini_set caused error or check if function_exists first
-------------------------------------+-----------------------------
Reporter: drazon | Owner: SergeyBiryukov
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 5.4
Component: Bootstrap/Load | Version: 5.3
Severity: normal | Resolution:
Keywords: needs-testing has-patch | Focuses:
-------------------------------------+-----------------------------
Comment (by ayeshrajans):
I disagree that we should gracefully handle the lack of `ini_set` and
`ini_get` in the runtime.
This can have severe impact in security, because throughout the WordPress
core and plugins, I highly doubt every `ini_set` call is checked. In the
site health report, WordPress reports that `ini_get` function is not
available, and I believe this as far as WordPress should be flexible.
For example, if we cannot set `display_errors=Off`, we should **at least**
trigger a warning in site owners logs instead of silently not setting this
configuration value, which might result in the whole stack trace to be
printed on screen.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/48693#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list