[wp-trac] [WordPress Trac] #50534: Menu position conflicts not properly handled in add_menu_page function

WordPress Trac noreply at wordpress.org
Thu Jul 2 14:16:37 UTC 2020 

#50534: Menu position conflicts not properly handled in add_menu_page function
----------------------------+------------------------------
 Reporter:  nufocusuk       |       Owner:  (none)
     Type:  defect (bug)    |      Status:  new
 Priority:  normal          |   Milestone:  Awaiting Review
Component:  Administration  |     Version:  trunk
 Severity:  normal          |  Resolution:
 Keywords:                  |     Focuses:
----------------------------+------------------------------
Changes (by SergeyBiryukov):

 * component:  General => Administration


Old description:

> In add_menu_page function inside plugin.php the assignment of new menu in
> the else condition should have $position inside quotes in the same way as
> the other lines.
>
> If $position is passed in with a decimal value 103.768 (as supplied my
> MailChimp Forms by MailMunch plugin) then it fails to detect if
> $menu[103] has already been assigned by another plugin, but then
> overwrites it by impicitly treating $position as integer rather than a
> string as in $menu["103.768"].
>
> Result is that random plugins can be missing from the admin menu.
>
> if ( null === $position ) {
>         $menu[] = $new_menu;
> } elseif ( isset( $menu[ "$position" ] ) ) {
>         $position            = $position + substr( base_convert( md5(
> $menu_slug . $menu_title ), 16, 10 ), -5 ) * 0.00001;
>         $menu[ "$position" ] = $new_menu;
> } else {
>         $menu[ **$position** ] = $new_menu; //# should be change to
> **$menu[ "$position" ]  = $new_menu;**
> }

New description:

 In add_menu_page function inside plugin.php the assignment of new menu in
 the else condition should have $position inside quotes in the same way as
 the other lines.

 If `$position` is passed in with a decimal value 103.768 (as supplied my
 MailChimp Forms by MailMunch plugin) then it fails to detect if
 `$menu[103]` has already been assigned by another plugin, but then
 overwrites it by impicitly treating $position as integer rather than a
 string as in `$menu["103.768"]`.

 Result is that random plugins can be missing from the admin menu.
 {{{
 if ( null === $position ) {
         $menu[] = $new_menu;
 } elseif ( isset( $menu[ "$position" ] ) ) {
         $position            = $position + substr( base_convert( md5(
 $menu_slug . $menu_title ), 16, 10 ), -5 ) * 0.00001;
         $menu[ "$position" ] = $new_menu;
 } else {
         $menu[ **$position** ] = $new_menu; //# should be change to
 **$menu[ "$position" ]  = $new_menu;**
 }
 }}}

--

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/50534#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list