[wp-trac] [WordPress Trac] #61577: health check count display bug
WordPress Trac
noreply at wordpress.org
Fri Jul 5 02:33:45 UTC 2024
#61577: health check count display bug
--------------------------+-----------------------------
Reporter: gqevu6bsiz | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.5.5
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
WP: 6.5.5
PHP: 8.2
I found this bug using OWASP ZAP.
I got this error:
{{{
PHP Fatal error: Uncaught TypeError: number_format(): Argument #1 ($num)
must be of type float, string given in /wp-includes/functions.php:424
Stack trace:
#0 /wp-includes/functions.php(424): number_format()
#1 /wp-admin/menu.php(368): number_format_i18n()
#2 /wp-admin/admin.php(158): require('...')
#3 /wp-admin/index.php(10): require_once('...')
#4 {main}
thrown in /wp-includes/functions.php on line 424
}}}
Then I found that the error was in the code below.
wp-admin/menu.php, lines 349 - 369
{{{#!php
$get_issues = get_transient( 'health-check-site-status-result' );
$issue_counts = array();
if ( false !== $get_issues ) {
    $issue_counts = json_decode( $get_issues, true );
}
if ( ! is_array( $issue_counts ) || ! $issue_counts ) {
    $issue_counts = array(
        'good'        => 0,
        'recommended' => 0,
        'critical'    => 0,
    );
}
$site_health_count = sprintf(
    '<span class="menu-counter site-health-counter count-%s"><span class="count">%s</span></span>',
    $issue_counts['critical'],
    number_format_i18n( $issue_counts['critical'] )
);
}}}
An error occurs when the **critical** value is not a number.
I think this value is usually only a number, but in my case it was a string.
wp-admin/includes/ajax-actions.php, lines 5445 - 5455
{{{#!php
function wp_ajax_health_check_site_status_result() {
    check_ajax_referer( 'health-check-site-status-result' );
    if ( ! current_user_can( 'view_site_health_checks' ) ) {
        wp_send_json_error();
    }
    set_transient( 'health-check-site-status-result', wp_json_encode( $_POST['counts'] ) );
    wp_send_json_success();
}
}}}
I think that OWASP ZAP probably requests the string.
I think that there is not enough validation when saving the transient data (health-check-site-status-result).
The error can be reproduced with the following code:
{{{#!php
add_action( 'admin_footer', 'example_admin_footer' );
function example_admin_footer() {
    ?>
    <script>
    jQuery(function( $ ) {
        const _wpnonce = '<?php echo esc_js( wp_create_nonce( 'health-check-site-status-result' ) ); ?>';
        const counts = {
            'critical': 'test',
            'good': 3,
            'recommended': 8
        };
        $.ajax({
            type: 'post',
            url: ajaxurl,
            data: {
                'action': 'health-check-site-status-result',
                '_wpnonce': _wpnonce,
                'counts': counts
            }
        }).done( function( xhr ) {
            console.log(xhr);
        });
    });
    </script>
    <?php
}
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61577>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
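
An added example, not part of the ticket and not WordPress core code: one way to normalize the submitted counts so that both the `count-%s` class and `number_format_i18n()` in `menu.php` always receive an integer. The function name `example_normalize_site_health_counts` is hypothetical and the sample inputs are constructed; the code is plain PHP so it runs without WordPress, and in core it would be applied to `$_POST['counts']` before `set_transient()` and to the decoded transient before rendering.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not a WordPress core function): reduce an untrusted
 * "counts" value to the three non-negative integers the admin menu expects.
 */
function example_normalize_site_health_counts( $raw ): array {
    $clean = array(
        'good'        => 0,
        'recommended' => 0,
        'critical'    => 0,
    );

    if ( ! is_array( $raw ) ) {
        return $clean; // Scalars, null, or false from a missing transient.
    }

    foreach ( $clean as $key => $default ) {
        $value = $raw[ $key ] ?? null;
        // Accept ints and digit-only strings (POST fields arrive as strings).
        if ( is_int( $value ) && $value >= 0 ) {
            $clean[ $key ] = $value;
        } elseif ( is_string( $value ) && ctype_digit( $value ) ) {
            $clean[ $key ] = (int) $value;
        }
        // Anything else ('test', nested arrays, negatives) keeps the default 0.
    }

    return $clean;
}

// Constructed sample inputs; the first mirrors the ticket's reproduction payload.
$samples = array(
    array( 'critical' => 'test', 'good' => '3', 'recommended' => '8' ),
    array( 'critical' => array( 'x' ), 'good' => '-1' ),
    'not-an-array',
);

foreach ( $samples as $sample ) {
    $counts = example_normalize_site_health_counts( $sample );
    // number_format() now always receives an int, so PHP 8 raises no TypeError.
    echo json_encode( $counts ), ' => ', number_format( $counts['critical'] ), PHP_EOL;
}
```

Normalizing on both write and read matters here because a transient stored before any fix is deployed can still hold a non-numeric value.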