spleen1981
commented
2 years ago Based on the path in the log does not look like the latest master. However I did not find any evident cause in current code, is this replicable?
Closed Hr0bar closed 2 years ago
spleen1981
commented
2 years ago Based on the path in the log does not look like the latest master. However I did not find any evident cause in current code, is this replicable?
Hr0bar
commented
2 years ago Its the latest release version 3.12.0
It was triggered by this request apparently by the logs:
"POST /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=dir HTTP/1.1" 200
I could not replicate it. Its the only request from that IP, and its from an unusual location, could have been a bot/exploit scanner or something, so high chance for unusual requests
spleen1981
commented
2 years ago ok, I see.
Here there's a custom GET query var with the same name (name) of an inbuilt query var used internally to query posts.
Several keys are defined in the custom query var, hence the resulting name query var is an associative array looking like:
array(3) { ["#post_render"]=> array(1) { [0]=> string(8) "passthru" } ["#type"]=> string(6) "markup" ["#markup"]=> string(3) "dir" }
instead of the expected string, causing the php error.
QTX side is fixed with #1200, though it's a weird case, but note that you would still get a fatal error later upstream in WP, as some keys in the query vars array are not tested properly to cover this.
Fatal error: Uncaught TypeError: trim(): Argument #1 ($string) must be of type string, array given in wp-includes\class-wp-query.php:803
Hi, this is the first time we have seen this in the error log, not sure what caused it, but may be useful for you:
PHP Warning: urldecode() expects parameter 1 to be string, array given in /opt/bitnami/wordpress/wp-content/plugins/qtranslate-xt/modules/slugs/src/slugs-class-slugs.php on line 976'