Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Contact Form: Defensive coding against bad hash #20923

Merged
merged 6 commits into from
Feb 3, 2022
Merged

Contact Form: Defensive coding against bad hash #20923

merged 6 commits into from
Feb 3, 2022

Conversation

kraftbj
Copy link
Contributor

@kraftbj kraftbj commented Sep 1, 2021

In some cases that I haven't been able to duplicate yet, the hash could be an array. This fails to validate it in that case.

I tried to duplicate this by submitting an incomplete form a couple of times, but no luck.

Warning found from looking at logs:

E_WARNING: hash_equals(): Expected user_string to be a string, array given in /home//public_html/wp-content/plugins/jetpack/modules/contact-form/grunion-contact-form.php:2488

E_WARNING: stripslashes() expects parameter 1 to be string, array given in /home//public_html/wp-content/plugins/jetpack/modules/contact-form/grunion-contact-form.php:517

Changes proposed in this Pull Request:

  • See above.

Jetpack product discussion

n/a

Does this pull request change what data or activity we track or use?

n/a

Testing instructions:

  • Not sure how to duplicate. Going off of logs.

@kraftbj kraftbj added this to the jetpack/10.2 milestone Sep 1, 2021
@kraftbj kraftbj added [Status] Needs Review To request a review from Crew. Label will be renamed soon. [Type] Bug When a feature is broken and / or not performing as intended labels Sep 1, 2021
@kraftbj kraftbj self-assigned this Sep 1, 2021
@matticbot
Copy link
Contributor

Caution: This PR has changes that must be merged to WordPress.com
Hello kraftbj! These changes need to be synced to WordPress.com - If you 're an a11n, please commandeer and confirm D66247-code works as expected before merging this PR. Once this PR is merged, please commit the changes to WP.com. Thank you!
This revision will be updated with each commit to this PR

@github-actions github-actions bot added [Plugin] Jetpack Issues about the Jetpack plugin. https://wordpress.org/plugins/jetpack/ [Feature] Contact Form labels Sep 1, 2021
@github-actions
Copy link
Contributor

github-actions bot commented Sep 1, 2021
edited
Loading

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • ✅ All commits were linted before commit.
  • ✅ Add a "[Status]" label (In Progress, Needs Team Review, ...).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • ✅ Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖

The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available.

Once your PR is ready for review, check one last time that all required checks (other than "Required review") appearing at the bottom of this PR are passing or skipped.
Then, add the "[Status] Needs Team review" label and ask someone from your team review the code.
Once you’ve done so, switch to the "[Status] Needs Review" label; someone from Jetpack Crew will then review this PR and merge it to be included in the next Jetpack release.

Jetpack plugin:

  • Next scheduled release: March 1, 2022.
  • Scheduled code freeze: February 22, 2022.

jeherve
jeherve previously approved these changes Sep 2, 2021
View reviewed changes
Copy link
Member

@jeherve jeherve left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks sane. 🚢

@jeherve jeherve added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Review To request a review from Crew. Label will be renamed soon. labels Sep 2, 2021
@kraftbj kraftbj added [Status] In Progress and removed [Status] Ready to Merge Go ahead, you can push that green button! labels Sep 2, 2021
@kraftbj
Copy link
Contributor Author

kraftbj commented Sep 2, 2021

Moving to in progress. When rebasing on WP.com, the WP.com linters aren't happy with it so I'll fix it in this PR so we avoid having any sync issues.

@jeherve jeherve removed this from the jetpack/10.2 milestone Sep 30, 2021
@matticbot
Copy link
Contributor

Caution: This PR has changes that must be merged to WordPress.com
Hello kraftbj! These changes need to be synced to WordPress.com - If you 're an a11n, please commandeer and confirm D74071-code works as expected before merging this PR. Once this PR is merged, please commit the changes to WP.com. Thank you!
This revision will be updated with each commit to this PR

@matticbot
Copy link
Contributor

Caution: This PR has changes that must be merged to WordPress.com
Hello kraftbj! These changes need to be synced to WordPress.com - If you 're an a11n, please commandeer and confirm D74079-code works as expected before merging this PR. Once this PR is merged, please commit the changes to WP.com. Thank you!
This revision will be updated with each commit to this PR

@matticbot
Copy link
Contributor

Caution: This PR has changes that must be merged to WordPress.com
Hello kraftbj! These changes need to be synced to WordPress.com - If you 're an a11n, please commandeer and confirm D74086-code works as expected before merging this PR. Once this PR is merged, please commit the changes to WP.com. Thank you!
This revision will be updated with each commit to this PR

@matticbot
Copy link
Contributor

Caution: This PR has changes that must be merged to WordPress.com
Hello kraftbj! These changes need to be synced to WordPress.com - If you 're an a11n, please commandeer and confirm D74096-code works as expected before merging this PR. Once this PR is merged, please commit the changes to WP.com. Thank you!
This revision will be updated with each commit to this PR

@kraftbj kraftbj added [Status] Needs Review To request a review from Crew. Label will be renamed soon. and removed [Status] In Progress labels Feb 2, 2022
@kraftbj kraftbj requested a review from jeherve February 2, 2022 23:28
@jeherve jeherve added this to the jetpack/10.7 milestone Feb 3, 2022
@jeherve jeherve added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Review To request a review from Crew. Label will be renamed soon. labels Feb 3, 2022
@jeherve jeherve merged commit 8e0dff0 into master Feb 3, 2022
@jeherve jeherve deleted the fix/wporg-warning branch February 3, 2022 09:03
@github-actions
Copy link
Contributor

github-actions bot commented Feb 3, 2022

Great news! One last step: head over to your WordPress.com diff, D74096-code, and commit it.
Once you've done so, come back to this PR and add a comment with your changeset ID.

Thank you!

@github-actions github-actions bot removed the [Status] Ready to Merge Go ahead, you can push that green button! label Feb 3, 2022
@kraftbj
Copy link
Contributor Author

kraftbj commented Feb 3, 2022

Merged in rWPGIT07ee125049542037d912da58d21900a855c289bd ( r239514-wpcom )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeherve jeherve jeherve approved these changes

Assignees

@kraftbj kraftbj

Labels
[Feature] Contact Form [Plugin] Jetpack Issues about the Jetpack plugin. https://wordpress.org/plugins/jetpack/ Touches WP.com Files [Type] Bug When a feature is broken and / or not performing as intended
Projects
None yet
Milestone
jetpack/10.7
Development

Successfully merging this pull request may close these issues.
3 participants
@kraftbj @matticbot @jeherve