Project

General

Profile

Actions

Feature #15194

open

PHPCS sniff for un-restored switch_to_blog() calls

Added by Boone Gorges about 2 years ago. Updated 2 months ago.

Status:
New
Priority name:
Normal
Assignee:
Category name:
Internal Tools and Workflow
Target version:
Start date:
2022-01-14
Due date:
% Done:

0%

Estimated time:
Deployment actions:

Description

When switch_to_blog() is called but not properly "closed" via restore_current_blog(), havoc ensues. The most recent instance of this is #15170.

We should introduce a PHPCS sniff to our custom ruleset that looks for switch_to_blog(), and then ensures that all code paths out of the method have a restore_current_blog() before returning.

Actions #1

Updated by Boone Gorges about 2 years ago

I just spent five minutes looking, and it's not immediately obvious to me how to do this in PHPCS. Here's the one custom sniff I've written: https://github.com/cuny-academic-commons/cac/blob/1.19.x/developer/phpcs/CAC/Sniffs/Database/RequirePrimaryKeySniff.php I think it would work similar to this https://github.com/cuny-academic-commons/cac/blob/dbaafcd561fa7a646a947e11d7158183610ae262/developer/phpcs/CAC/Sniffs/Database/RequirePrimaryKeySniff.php#L91, in that you'd find instances of `switch_to_blog()`, then parse all remaining tokens until you get to the end of the method. You'd have to identify the difference between various code paths (like stuff in an if block - not sure how to do that) and look for all possible ways to return from the method; then verify that each of the paths has a restore_current_blog().

Let's file this away as a project we can tackle once our scope for the academic year becomes clearer.

Actions #2

Updated by Boone Gorges almost 2 years ago

  • Assignee changed from Boone Gorges to Jeremy Felt

Tentatively assigning to Jeremy for research.

Actions #3

Updated by Boone Gorges almost 2 years ago

  • Target version changed from 2.0.0 to 2.1.0
Actions #4

Updated by Boone Gorges about 1 year ago

  • Target version changed from 2.1.0 to 2.2.0
Actions #5

Updated by Boone Gorges about 1 year ago

I've been playing with PHPStan static analysis on a few other projects, and I wonder whether it might be a better tool for this purpose. See https://phpstan.org/, https://github.com/szepeviktor/phpstan-wordpress

Actions #6

Updated by Boone Gorges 5 months ago

  • Target version changed from 2.2.0 to 2.3.0
Actions #7

Updated by Boone Gorges 2 months ago

  • Target version changed from 2.3.0 to 2.4.0
Actions

Also available in: Atom PDF