Issue with the latest wp-update-server version
Opened this issue · 5 comments
Have been working for many years fine, but now recently I see that wp-update-server folder is generating error_log file which has quickly grown into a 1GB in size.
These are the errors:
[23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 949 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1245 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1270 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1610 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1612 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1833 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 1835 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2098 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2098 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2107 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2145 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2145 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2164 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2165 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2269 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2281 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2281 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2292 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2293 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2651 [23-Feb-2022 11:16:14 Europe/Riga] PHP Deprecated: Array and string offset access syntax with curly braces is deprecated in /wp-content/wp-update-server/includes/extension-meta/markdown.php on line 2969
So the real issue now is this:
I tried downloading the latest version, the errors disappeared, however I noticed that now my customers are able to update even if the license key has expired.
Using the old version, if the license key had expired and user tried to update, WordPress put out this message: "Automatic update is unavailable for this plugin."
I guess I should mention that I'm protecting download links by validating license keys and depending on the key, if it is valid and active - the user is returned a plugin update link with the full plugin, but if the license has expired, the user gets a link to .zip file which only includes the readme file (containing information about the latest version and what is included) along with one .php file with the name of the plugin and only plugin header data. This is done because it is good to show users with expired licenses that there are updates and he should renew the license to download the latest version.
And the interesting issue is that one of my users was allowed to download the empty .zip which contained just the readme and one php file so now he has a plugin but it is just an empty shell :)
Any way to resolve this issue? I would like to know what could be done to make sure WordPress in these situations simply outputs "Automatic update is unavailable for this plugin." as before so nobody would be able to download the empty shell version, but still would be able to see readme file of the latest version?
I think the simplest solution would be to just unset the download_url field instead of replacing it with a link to an "empty shell" .zip file. That's what I do for my plugin when a user has an expired license key. This should make WordPress display the "automatic update is unavailable" message.
As to the reason why using an empty .zip no longer works with the latest version: I must admit I don't know; I don't see how it could have worked in the first place. Maybe I've forgotten some detail about how older versions handled download links. Or maybe your version had some additional customizations that were overwritten when updating to the latest version?
Thanks for responsing so fast @YahnisElsts
Is there any way to display latest version readme file if I return an empty download_url or at least that there is an update available?
Unless I'm missing something, you don't need to do anything special to accomplish that. Even if you replace the download_url, the update server should still return the same readme information. It loads that information from the .zip file that's on the disk, not from the URL.
I guess there might be a confusion here.
I would like to show the changelog of the new version "View version X.X details" (please see the attachment) which is taken from the readme file of the new update. This data is not available on the disk since this is the new version which is not accessible yet and can be read from the link, right?
Short answer: I'm talking about the file that's on the update server, not about the files that the user has.
I'm not sure what your mental model is, so I'll probably over-explain the process. When someone clicks the "View version x.y details" link, what happens is something like this:
- The "Plugins" page opens a pop-up that shows an iframe.
- In the iframe, WordPress calls the
plugins_api()function to retrieve various plugin information such as the sections of the readme file. plugin-update-checkerintercepts that call.plugin-update-checkersends an HTTP request to the update server asking for plugin information.wp-update-serverfinds the relevant ZIP file in itspackagesdirectory.wp-update-serverextracts the plugin version number, readme file contents, and other details from the ZIP file.- In practice, this information will usually be cached. The server won't parse the ZIP file every time.
wp-update-serveroutputs the plugin information as an HTTP response. This response includes a list of readme sections like "Changelog".plugin-update-checkerreceives the response and hands the relevant parts to WordPress.- WordPress formats the plugin information and shows it to the user.