fix: do not allow to fall into infinite query loop on error #8
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Internally, `esc_html` calls database to find if site actually uses utf8. This has some serious implications during our new database installation (after hitting *install* button) because we land in undetermined state. 1. User hits *install* button. 2. We are not installing database yet, just checking if it's available. 3. We found out that db is not present (missing tables points that, but we collect errors). 4. During error collection we call `esc_html` to sanitize text, which again calls `get_options`, resulting in another error being collected and prepared for output, which recursively fails. --- The situation doesn't look better if we immediately enter installation state (navigating directly to `wp-admin/install.php`). This ensures that `WP_INSTALLING` constant is defined and introduces some safety checks, but those merely limits to suppressing errors, yet those are still collected in HTML format. The easiest solution allowing us to properly install database would be to drop formatting function because of it's dependencies in favour of native PHP function. Nevertheless, it might be reconsidered whether we actually need HTML output and such sanitization, especially when sometimes wpdb error outputs encoded HTML, resulting in illegible wall of plain HTML (not parsed by browser). Following original `wpdb` class implementation, we might opt-in for concise error messages, which doesn't require complex formatting (especially within database driver logic). Signed-off-by: Bart Jaskulski <[email protected]>
aristath
approved these changes
Feb 9, 2023
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Internally,
esc_htmlcalls database to find if site actually usesutf8. This has some serious implications during our new database
installation (after hitting install button) because we land in
undetermined state.
we collect errors).
esc_htmlto sanitize text, whichagain calls
get_options, resulting in another error being collectedand prepared for output, which recursively fails.
The situation doesn't look better if we immediately enter installation
state (navigating directly to
wp-admin/install.php). This ensures thatWP_INSTALLINGconstant is defined and introduces some safety checks,but those merely limits to suppressing errors, yet those are still
collected in HTML format.
The easiest solution allowing us to properly install database would be
to drop formatting function because of it's dependencies in favour of
native PHP function. Nevertheless, it might be reconsidered whether we
actually need HTML output and such sanitization, especially when
sometimes wpdb error outputs encoded HTML, resulting in illegible wall
of plain HTML (not parsed by browser). Following original
wpdbclassimplementation, we might opt-in for concise error messages, which
doesn't require complex formatting (especially within database driver
logic).
Signed-off-by: Bart Jaskulski [email protected]