Skip to:
Content

bbPress.org

Opened 7 years ago

Closed 7 years ago

Last modified 5 years ago

#3190 closed defect (bug) (fixed)

Undefined $args[0] in meta_map filter for the topics and replies

Reported by: chriscct7's profile chriscct7 Owned by: jjj's profile jjj
Milestone: 2.6 Priority: normal
Severity: normal Version:
Component: API - Roles/Capabilities Keywords: good-first-bug has-patch
Cc: contato@…, chriscct7@…

Description

Over the years, a lot of bbPress users have apparently opened tickets on WordPress.org support forums for various plugins that were "breaking" bbPress due to a set of undefined offset notices in the capabilities parts of bbPress. I got one of these today on one of my plugins:

Notice: Undefined offset: 0 in /bbpress/includes/topics/capabilities.php on line 80
Notice: Undefined offset: 0 in /bbpress/includes/replies/capabilities.php on line 62

Above both of these lines, bbPress just needs to add the following (a patch I'd submit but I literally just uninstalled both sublime and tortoiseSVN):

if ( empty( $args[0] ) ) { 
   return $caps;
}

This will prevent the attempted access of $args[0], which is normally the array of mapped meta caps for custom post types, but in the case of another plugin registering a non-CPT tied meta-cap on a non-post type (example: a settings screen), $args will be an empty array, which bbPress doesn't check for before trying to access, resulting in the above errors.

Attachments (2)

3190-1.diff (2.9 KB) - added by espellcaste 7 years ago.
3190-2.diff (3.9 KB) - added by espellcaste 7 years ago.

Download all attachments as: .zip

Change History (13)

#1 @chriscct7
7 years ago

  • Keywords good-first-patch added

#2 @netweb
7 years ago

  • Keywords good-first-bug added; good-first-patch removed
  • Milestone changed from Future Release to 2.6

Thanks @chriscct7 :+1:

#3 @netweb
7 years ago

  • Keywords needs-patch added

@espellcaste
7 years ago

#4 @espellcaste
7 years ago

  • Cc contato@… added
  • Keywords has-patch added; needs-patch removed

I didn't add to the Forum post type because I'm assuming this bug doesn't happen there. But maybe it is better to double check over there as well.

What do you guys think?

#5 @chriscct7
7 years ago

  • Keywords needs-patch added; has-patch removed

Hi there,
The code should be:

if ( empty( $args[0] ) ) { 
   return $caps;
}

empty() in PHP is the equivalent of ! isset($var) || $var == false so there's no need to do both if ( ! isset( $args[0] ) || empty( $args[0] ) ) { it can just be if ( empty( $args[0] ) ) {

In the case that $args[0] is not set, it should return $caps, and thus not proceed further, because in the case of the included patch, execution will continue and $args[0] will still be undefined and will throw the same error.

Therefore the patch above just needs all of the changes of

if ( ! isset( $args[0] ) || empty( $args[0] ) ) {
     $caps = array();
}

swapped out with

if ( empty( $args[0] ) ) { 
   return $caps;
}

Alternatively, instead of new lines, the lines containing

$_post = get_post( $args[0] ); 

could be modified into

$_post = ! empty( $args[0] ) ? get_post( $args[0] ) : false; 

#6 @chriscct7
7 years ago

  • Owner set to jjj

(per slack discussion)

Last edited 7 years ago by chriscct7 (previous) (diff)

@espellcaste
7 years ago

#7 @chriscct7
7 years ago

3190-2.diff looks good to me

#8 @chriscct7
7 years ago

  • Keywords has-patch added; needs-patch removed

#9 @chriscct7
7 years ago

  • Cc chriscct7@… added

#10 @johnjamesjacoby
7 years ago

  • Resolution set to fixed
  • Status changed from new to closed

In 6783:

Caps: Check for $args[0] and bail if empty.

This change avoids debug notices when single forum/topic/reply capability checks are done without having passed in a post ID.

Props espellcaste, chriscct7. Fixes #3190.

This ticket was mentioned in Slack in #bbpress by casiepa. View the logs.


5 years ago

Note: See TracTickets for help on using tickets.