[wp-trac] [WordPress Trac] #59818: [PHP 8.1] deprecated null in `explode()` for 'ping_sites' in `wp-admin/options-writing.php` with "Discourage search engines" on
WordPress Trac
noreply at wordpress.org
Wed Jan 10 06:08:18 UTC 2024
#59818: [PHP 8.1] deprecated null in `explode()` for 'ping_sites' in `wp-admin
/options-writing.php` with "Discourage search engines" on
-----------------------------+--------------------------------
Reporter: kitchin | Owner: SergeyBiryukov
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 6.5
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: php81 has-patch | Focuses: php-compatibility
-----------------------------+--------------------------------
Comment (by devmuhib):
Can you add the testing instruction please?
Replying to [comment:4 kitchin]:
> Thanks for the quick action! I have a different approach that addresses
the underling issue.
>
> The controller `wp-admin/options.php` uses `update_option()`
unconditionally on all relevant elements of `$allowed_options`, even if
they don't appear in `$_POST`. Luckily in the current codebase, or as part
of its design, there is a filter on `get_option( 'ping_sites' )`, called
`privacy_ping_filter()`, which checks:
> {{{
> if ( '1' === get_option( 'blog_public' ) ) {
> return $sites;
> } else {
> return '';
> }
> }}}
>
> So when `update_option()` uses `get_option()` to compare `$value` to
`$old_value`, it sees `'' === ''`, where `explode( "\n", $value )` has
cast `NULL` to `''`. Thus no data loss.
>
> My first patch mods `$allowed_options`. It does it directly, rather than
using the filter, since the variable is very specific to the file it is
in. Might as well make it easy to read. This patch is tested as far as
updating options goes.
>
> My alternate patch also reconciles the strictness and specificity of the
evaluation of 'blog_public' across the codebase, except multisite. In
other words, `'1' ===` vs. `'0' != `, etc. It also makes the filter
signature in `wp-includes/functions.php` correct. Multisite seems to have
its own way of doing things. This patch is not tested.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59818#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list