[wp-trac] [WordPress Trac] #37077: Replacing one variable handler for another to ensure proper conditional check occurs 100%.

WordPress Trac noreply at wordpress.org
Sat Jun 11 23:18:59 UTC 2016 

#37077: Replacing one variable handler for another to ensure proper conditional
check occurs 100%.
-------------------------+-----------------------------
 Reporter:  chadschulz   |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  General      |    Version:  4.5.2
 Severity:  normal       |   Keywords:
  Focuses:               |
-------------------------+-----------------------------
 I have a likely non-reproduceable problem that, nonetheless, still
 indicates a failure of a conditional check in wp-class.php.

 I'd been receiving log file non-critical php errors/warnings for months
 referencing the rawurlencode() on line 528 getting an array variable.
 Which is not allowed for that function, hence the error.

 When I changed line 526's conditional check from
 {{{
 if ( !is_scalar($this->query_vars[$wpvar]) )
 }}}
 to
 {{{
 if ( ( !is_scalar($this->query_vars[$wpvar]) ||
 is_array($this->query_vars[$wpvar]) ) )
 }}}
 the errors went away.

 Bad plugin/theme code, notwithstanding, the fact that the conditional
 check fails at all indicates a need for "refinement". That's the whole
 point of these checks, to ensure bad code doesn't take down a website.

 I'm even wondering if a more streamlined code change for line 526 to
 {{{
 if ( !is_string($this->query_vars[$wpvar]) )
 }}}
 is more appropriate as string variables are all that rawurlencode()
 allows.

 I hated changing any core file. But, I was able to quickly address a small
 issue that shouldn't have been allowed by the core. I don't think this
 change would impact anyone, the function build_query_string() this code
 falls within has been depreciated, anyway.

 BTW, I'm not sure why is_scalar() is failing. However, I came across a few
 instances across the web with similar quirks. Everyone of those problems
 was addressed in a similar fashion (i.e. using is_array() or !is_string()
 instead of !is_scalar()).

 Source code from wp-class.php:

 {{{
 521             public function build_query_string() {
 522                     $this->query_string = '';
 523                     foreach ( (array) array_keys($this->query_vars) as
 $wpvar) {
 524                             if ( '' != $this->query_vars[$wpvar] ) {
 525                                     $this->query_string .=
 (strlen($this->query_string) < 1) ? '' : '&';
 526                                     if (
 !is_scalar($this->query_vars[$wpvar]) ) // Discard non-scalars.
 527                                             continue;
 528                                     $this->query_string .= $wpvar .
 '=' . rawurlencode($this->query_vars[$wpvar]);
 529                             }
 530                     }
 }}}

--
Ticket URL: <https://core.trac.wordpress.org/ticket/37077>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list