[wp-trac] [WordPress Trac] #59585: Unchecked variable creates fatal error in wp-includes/class-wp-user-query.php
WordPress Trac
noreply at wordpress.org
Tue Oct 10 13:32:17 UTC 2023
#59585: Unchecked variable creates fatal error in wp-includes/class-wp-user-
query.php
-------------------------------+-----------------------------
Reporter: Frederic Pilon | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.3.2
Severity: normal | Keywords: has-patch
Focuses: php-compatibility |
-------------------------------+-----------------------------
Hello!
I've ran into a bug that had me need to modify core.
I have no clue why this bug happens in this setup in particular, i've got
other WP websites running on the same server with no problem, but this one
crashes with no plugins and twenty twenty two active.
Here is what I found; at line 483 there is an array_filter that passes a
variable to the function... without verifying the variable is actually
what is expected.
Bug is present in 6.3.2
{{{#!php
<?php
[...]
foreach ( $available_roles as $role => $role_data ) {
$role_caps = array_keys( array_filter(
$role_data['capabilities'] ) );
foreach ( $capabilities as $cap ) { [...]
}}}
I fixed it by checking the variable is something before doing the
array_filter
{{{#!php
<?php
foreach ( $available_roles as $role => $role_data ) {
$role_caps = '';
if(isset($role_data['capabilities'])){
$role_caps = array_keys( array_filter(
$role_data['capabilities'] ) );
}else{
return false;
}
foreach ( $capabilities as $cap ) {
}}}
I would like this to be added to core, so it doesnt crash anymore and wont
crash when I update WordPress next time.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59585>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list