Skip to content

Commit

Permalink
fix: Fixes incorrect order of array_replace_recursive arguments & oth…
Browse files Browse the repository at this point in the history
…er issues (#434)

* fix: Fixes incorrect order of array_replace_recursive arguments & other issues

* Fixes #433
* Fixes #432
* Fixes #431
* Further clean-up & standardization between object-cache.php & wp-redis.php.
* Fixes incorrect order of array_replace_recursive arguments.
* Addresses issue with port still not being null for socket connections due to defaults array_repalce_recursive use.

* fix: Fixes sanitization methods and linting issues

* Adjusts some items to use type-based sanitization.
* Adds linting expection handling with comments for cases that require it.

* fix: Removes invalid change made in #437

* Reverts this incorrect change that was made due to the incorrect use of `array_replace_recursive()`.

* update  changelog

* Update wp-redis.php

* update language in changelogs

* fix missing closing )

---------

Co-authored-by: Chris Reynolds <chris@jazzsequence.com>
Co-authored-by: Phil Tyler <philip@tylerdigital.com>
  • Loading branch information
3 people authored Jun 23, 2023
1 parent 16f20bd commit c3a5242
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 14 deletions.
3 changes: 3 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,9 @@ There's a known issue with WordPress `alloptions` cache design. Specifically, a
### 1.4.3-dev ###
* Bug fix: Fixes assumption that CACHE_PORT & CACHE_PASSWORD are Set. [[428](https://github.com/pantheon-systems/wp-redis/pull/428)] (props @timnolte)
* Adds WP.org validation GitHub action [[#435](https://github.com/pantheon-systems/wp-redis/pull/435)]
* Bug fix: Fixes incorrect order of `array_replace_recursive` and other issues [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)
* Bug fix: Replace use of wp_strip_all_tags in object-cache.php [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)
* Bug fix: Don't strip tags from the cache password. [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)

### 1.4.2 (May 15, 2023) ###
* Bug fix: Removes exception loop caused by `esc_html` in `_exception_handler()` [[421](https://github.com/pantheon-systems/wp-redis/pull/421)]
Expand Down
17 changes: 10 additions & 7 deletions object-cache.php
Original file line number Diff line number Diff line change
Expand Up @@ -1247,10 +1247,14 @@ public function build_client_parameters( $redis_server ) {
// Attempt to automatically load Pantheon's Redis config from the env.
if ( isset( $_SERVER['CACHE_HOST'] ) ) {
$redis_server = [
'host' => wp_strip_all_tags( $_SERVER['CACHE_HOST'] ),
'port' => isset( $_SERVER['CACHE_PORT'] ) ? wp_strip_all_tags( $_SERVER['CACHE_PORT'] ) : $port,
'auth' => isset( $_SERVER['CACHE_PASSWORD'] ) ? wp_strip_all_tags( $_SERVER['CACHE_PASSWORD'] ) : null,
'database' => isset( $_SERVER['CACHE_DB'] ) ? wp_strip_all_tags( $_SERVER['CACHE_DB'] ) : $database,
// Don't use WP methods to sanitize the host due to plugin loading issues with other caching methods.
// @phpcs:ignore WordPressVIPMinimum.Functions.StripTags.StripTagsOneParameter,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
'host' => strip_tags( $_SERVER['CACHE_HOST'] ),
'port' => ! empty( $_SERVER['CACHE_PORT'] ) ? intval( $_SERVER['CACHE_PORT'] ) : $port,
// Don't attempt to sanitize passwords as this can break authentication.
// @phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
'auth' => ! empty( $_SERVER['CACHE_PASSWORD'] ) ? $_SERVER['CACHE_PASSWORD'] : null,
'database' => ! empty( $_SERVER['CACHE_DB'] ) ? intval( $_SERVER['CACHE_DB'] ) : $database,
];
} else {
$redis_server = [
Expand All @@ -1263,9 +1267,8 @@ public function build_client_parameters( $redis_server ) {

if ( file_exists( $redis_server['host'] ) && 'socket' === filetype( $redis_server['host'] ) ) { // unix socket connection.
// port must be null or socket won't connect.
unset( $redis_server['port'] );
$port = null;
} elseif ( ! empty( $redis_server['port'] ) ) { // tcp connection.
$port = $redis_server['port'];
}

$defaults = [
Expand All @@ -1277,7 +1280,7 @@ public function build_client_parameters( $redis_server ) {
// 1s timeout, 100ms delay between reconnections.

// merging the defaults with the original $redis_server enables any custom parameters to get sent downstream to the redis client.
return array_replace_recursive( $redis_server, $defaults );
return array_replace_recursive( $defaults, $redis_server );
}

/**
Expand Down
3 changes: 3 additions & 0 deletions readme.txt
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,9 @@ There's a known issue with WordPress `alloptions` cache design. Specifically, a
= 1.4.3-dev =
* Bug fix: Fixes assumption that CACHE_PORT & CACHE_PASSWORD are Set. [[428](https://github.com/pantheon-systems/wp-redis/pull/428)] (props @tnolte)
* Adds WP.org validation GitHub action [[#435](https://github.com/pantheon-systems/wp-redis/pull/435)]
* Bug fix: Fixes incorrect order of `array_replace_recursive` and other issues [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)
* Bug fix: Replace use of wp_strip_all_tags in object-cache.php [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)
* Bug fix: Don't strip tags from the cache password. [[434](https://github.com/pantheon-systems/wp-redis/pull/434)] (props @timnolte)

= 1.4.2 (May 15, 2023) =
* Bug fix: Removes exception loop caused by `esc_html` in `_exception_handler()` [[421](https://github.com/pantheon-systems/wp-redis/pull/421)]
Expand Down
24 changes: 17 additions & 7 deletions wp-redis.php
Original file line number Diff line number Diff line change
Expand Up @@ -35,21 +35,29 @@
*/
function wp_redis_get_info() {
global $wp_object_cache, $redis_server;
// Default Redis port.
$port = 6379;
// Default Redis database number.
$database = 0;

if ( empty( $redis_server ) ) {
// Attempt to automatically load Pantheon's Redis config from the env.
if ( isset( $_SERVER['CACHE_HOST'] ) ) {
$redis_server = [
'host' => sanitize_text_field( $_SERVER['CACHE_HOST'] ),
'port' => isset( $_SERVER['CACHE_PORT'] ) ? sanitize_text_field( $_SERVER['CACHE_PORT'] ) : 6379,
'auth' => isset( $_SERVER['CACHE_PASSWORD'] ) ? sanitize_text_field( $_SERVER['CACHE_PASSWORD'] ) : null,
'database' => isset( $_SERVER['CACHE_DB'] ) ? sanitize_text_field( $_SERVER['CACHE_DB'] ) : 0,
// Don't use WP methods to sanitize the host due to plugin loading issues with other caching methods.
// @phpcs:ignore WordPressVIPMinimum.Functions.StripTags.StripTagsOneParameter,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
'host' => strip_tags( $_SERVER['CACHE_HOST'] ),
'port' => ! empty( $_SERVER['CACHE_PORT'] ) ? intval( $_SERVER['CACHE_PORT'] ) : $port,
// Don't attempt to sanitize passwords as this can break authentication.
// @phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
'auth' => ! empty( $_SERVER['CACHE_PASSWORD'] ) ? $_SERVER['CACHE_PASSWORD'] : null,
'database' => ! empty( $_SERVER['CACHE_DB'] ) ? intval( $_SERVER['CACHE_DB'] ) : $database,
];
} else {
$redis_server = [
'host' => '127.0.0.1',
'port' => 6379,
'database' => 0,
'port' => $port,
'database' => $database,
];
}
}
Expand All @@ -73,7 +81,9 @@ function wp_redis_get_info() {
} else {
$uptime_in_days .= ' days';
}
$database = ! empty( $redis_server['database'] ) ? $redis_server['database'] : 0;
if ( ! empty( $redis_server['database'] ) ) {
$database = $redis_server['database'];
}
$key_count = 0;
if ( isset( $info[ 'db' . $database ] ) && preg_match( '#keys=([\d]+)#', $info[ 'db' . $database ], $matches ) ) {
$key_count = $matches[1];
Expand Down

0 comments on commit c3a5242

Please sign in to comment.