Automattic / VIP-Coding-Standards

PHP_CodeSniffer ruleset to enforce WordPress VIP coding standards.
https://wpvip.com/documentation/how-to-install-php-code-sniffer-for-wordpress-com-vip/
Other
236 stars 40 forks source link

Global memcached groups names #260

Closed rebeccahum closed 1 year ago

rebeccahum commented 6 years ago

Bug Description

We should not allow use of global memcached cache group names, as they are being used on a global scale and things go wrong (such as user login) when they are overwritten: https://github.com/Automattic/wp-memcached

Minimal Code Snippet

wp_cache_set( 'blahblah', 'blah', 'users', 1 * MINUTE_IN_SECONDS );

Tested Against master branch?

GaryJones commented 4 years ago

global memcached cache group names

Have you got a list of those @rebeccahum?

Can you give more examples of what should be flagged, and some use cases that shouldn't?

rebeccahum commented 4 years ago

In the readme.txt, the list seems to be here:

{$taxonomy}_relationships
{$meta_type}_meta
{$taxonomy}_relationships
blog-details
blog-id-cache
blog-lookup
bookmark
calendar
category
comment
counts
general
global-posts
options
plugins
post_ancestors
post_meta
posts
rss
site-lookup
site-options
site-transient
terms
themes
timeinfo
transient
user_meta
useremail
userlogins
usermeta
users
userslugs
widget
GaryJones commented 4 years ago

So, new sniff, look for wp_cache_set function calls, check third arg is one of those from the list, and give an Error, severity 5.

GaryJones commented 1 year ago

Noting that @WPprodigy is working on https://github.com/automattic/wp-cache-memcached as a replacement / update to https://github.com/automattic/wp-memcached so the global group names may change.

WPprodigy commented 1 year ago

Hmm, I'm not entirely sure we want to prevent this. There could be valid use cases for using one of the existing global groups in a safe way.

GaryJones commented 1 year ago

That's fine with me. Thanks!