<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[51695] trunk: Code Modernization: Add input validation to `_set_cron_array()`.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { white-space: pre-line; overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/51695">51695</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/51695","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>hellofromTonya</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2021-08-30 15:19:38 +0000 (Mon, 30 Aug 2021)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>Code Modernization: Add input validation to `_set_cron_array()`.
The private `_set_cron_array()` function expects a cron array as the first parameter, but will often be passed the - potentially updated - output of a call to `_get_cron_array()`.
When the `_get_cron_array()` function returns `false`, a "Deprecated: Automatic conversion of false to array is deprecated" warning will be thrown on PHP 8.1.
The input validation resolves the deprecation warning by setting the cron value to an empty array when not given an `array` data type.
Adds a full set of `_set_cron_array()` tests.
Follow-up to <a href="https://core.trac.wordpress.org/changeset/4189">[4189]</a>, <a href="https://core.trac.wordpress.org/changeset/50152">[50152]</a>.
Props jrf, hellofromTonya, peterwilsoncc.
See <a href="https://core.trac.wordpress.org/ticket/53635">#53635</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpincludescronphp">trunk/src/wp-includes/cron.php</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li>trunk/tests/phpunit/tests/cron/</li>
<li><a href="#trunktestsphpunittestscronsetCronArrayphp">trunk/tests/phpunit/tests/cron/setCronArray.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpincludescronphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/cron.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/cron.php 2021-08-30 14:27:48 UTC (rev 51694)
+++ trunk/src/wp-includes/cron.php 2021-08-30 15:19:38 UTC (rev 51695)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1191,6 +1191,10 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @return bool|WP_Error True if cron array updated. False or WP_Error on failure.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> function _set_cron_array( $cron, $wp_error = false ) {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( ! is_array( $cron ) ) {
+ $cron = array();
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> $cron['version'] = 2;
</span><span class="cx" style="display: block; padding: 0 10px"> $result = update_option( 'cron', $cron );
</span><span class="cx" style="display: block; padding: 0 10px">
</span></span></pre></div>
<a id="trunktestsphpunittestscronsetCronArrayphp"></a>
<div class="addfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Added: trunk/tests/phpunit/tests/cron/setCronArray.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/cron/setCronArray.php (rev 0)
+++ trunk/tests/phpunit/tests/cron/setCronArray.php 2021-08-30 15:19:38 UTC (rev 51695)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,175 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+
+/**
+ * Test the `_set_cron_array()` function.
+ *
+ * @group cron
+ * @covers ::_set_cron_array
+ */
+class Tests_Cron_setCronArray extends WP_UnitTestCase {
+
+ public function set_up() {
+ parent::set_up();
+ // Make sure the schedule is clear.
+ _set_cron_array( array() );
+ }
+
+ public function tear_down() {
+ // Make sure the schedule is clear.
+ _set_cron_array( array() );
+ parent::tear_down();
+ }
+
+ /**
+ * Tests the input validation for the `_set_cron_array()` function.
+ *
+ * Includes verifying that invalid input - typically `false` - does not result in a PHP
+ * deprecation warning on PHP 8.1 or higher.
+ *
+ * The warning that we should not see:
+ * `Deprecated: Automatic conversion of false to array is deprecated`.
+ *
+ * @ticket 53635
+ *
+ * @dataProvider data_set_cron_array_input_validation
+ *
+ * @param mixed $input Cron "array".
+ * @param array $expected Expected array entry count of the cron option after update.
+ */
+ public function test_set_cron_array_input_validation( $input, $expected ) {
+ delete_option( 'cron' );
+ $this->assertTrue( _set_cron_array( $input ) );
+
+ $crons = get_option( 'cron' );
+ $this->assertIsArray( $crons, 'Cron option is not an array.' );
+ $this->assertArrayHasKey( 'version', $crons, 'Cron option does not have a "version" key.' );
+ $this->assertCount( $expected, $crons, 'Cron option does not contain the expected nr of entries.' );
+ }
+
+ /**
+ * Data provider.
+ *
+ * @return array
+ */
+ public function data_set_cron_array_input_validation() {
+ return array(
+ 'null' => array(
+ 'input' => null,
+ 'expected' => 1,
+ ),
+ // Function _get_cron_array() may return `false`, so this is the PHP 8.1 "problem" test.
+ 'false' => array(
+ 'input' => false,
+ 'expected' => 1,
+ ),
+ 'empty array' => array(
+ 'input' => array(),
+ 'expected' => 1,
+ ),
+ 'cron array' => array(
+ 'input' => array(
+ 'version' => 2,
+ time() => array(
+ 'hookname' => array(
+ 'event key' => array(
+ 'schedule' => 'schedule',
+ 'args' => 'args',
+ 'interval' => 'interval',
+ ),
+ ),
+ ),
+ ),
+ 'expected' => 2,
+ ),
+ );
+ }
+
+ /**
+ * Tests that `_set_cron_array()` returns `false` when the cron option was not updated.
+ *
+ * @dataProvider data_set_cron_array_returns_false_when_not_updated
+ *
+ * @param array $input Cron array.
+ * @param mixed $wp_error Value to use for $wp_error.
+ */
+ public function test_set_cron_array_returns_false_when_not_updated( $input, $wp_error ) {
+ $this->assertFalse( _set_cron_array( $input ) );
+ }
+
+ /**
+ * Data provider.
+ *
+ * @return array
+ */
+ public function data_set_cron_array_returns_false_when_not_updated() {
+ return array(
+ 'empty array' => array(
+ 'input' => array(),
+ 'wp_error' => false,
+ ),
+ 'cron array' => array(
+ 'input' => array(
+ 'version' => 2,
+ ),
+ 'wp_error' => 0,
+ ),
+ );
+ }
+
+ /**
+ * Tests that `_set_cron_array()` returns a WP_Error object when the cron option was not updated and `$wp_error` is truthy.
+ *
+ * @dataProvider data_set_cron_array_returns_WP_Error_when_not_updated
+ *
+ * @param array $input Cron array.
+ * @param mixed $wp_error Value to use for $wp_error.
+ */
+ public function test_set_cron_array_returns_WP_Error_when_not_updated( $input, $wp_error ) {
+ $result = _set_cron_array( $input, $wp_error );
+ $this->assertWPError( $result, 'Return value is not an instance of WP_Error.' );
+ $this->assertSame( 'could_not_set', $result->get_error_code(), 'WP_Error error code does not match expected code.' );
+ }
+
+ /**
+ * Data provider.
+ *
+ * @return array
+ */
+ public function data_set_cron_array_returns_WP_Error_when_not_updated() {
+ return array(
+ 'empty array' => array(
+ 'input' => array(),
+ 'wp_error' => true,
+ ),
+ 'cron array' => array(
+ 'input' => array(
+ 'version' => 2,
+ ),
+ 'wp_error' => 1,
+ ),
+ );
+ }
+
+ /**
+ * Tests that `_set_cron_array()` returns true when the cron option was updated and `$wp_error` is truthy.
+ */
+ public function test_set_cron_array_does_not_return_WP_Error_when_updated() {
+ $result = _set_cron_array(
+ array(
+ 'version' => 2,
+ time() => array(
+ 'hookname' => array(
+ 'event key' => array(
+ 'schedule' => 'schedule',
+ 'args' => 'args',
+ 'interval' => 'interval',
+ ),
+ ),
+ ),
+ ),
+ true
+ );
+
+ $this->assertTrue( $result );
+ }
+}
</ins></span></pre>
</div>
</div>
</body>
</html>