wp/wp-admin/includes/upgrade.php
changeset 22 8c2e4d02f4ef
parent 21 48c4eec2b7e6
--- a/wp/wp-admin/includes/upgrade.php	Fri Sep 05 18:40:08 2025 +0200
+++ b/wp/wp-admin/includes/upgrade.php	Fri Sep 05 18:52:52 2025 +0200
@@ -44,7 +44,16 @@
 	 *     @type string $password_message The explanatory message regarding the password.
 	 * }
 	 */
-	function wp_install( $blog_title, $user_name, $user_email, $is_public, $deprecated = '', $user_password = '', $language = '' ) {
+	function wp_install(
+		$blog_title,
+		$user_name,
+		$user_email,
+		$is_public,
+		$deprecated = '',
+		#[\SensitiveParameter]
+		$user_password = '',
+		$language = ''
+	) {
 		if ( ! empty( $deprecated ) ) {
 			_deprecated_argument( __FUNCTION__, '2.6.0' );
 		}
@@ -75,7 +84,7 @@
 		update_option( 'blog_public', $is_public );
 
 		// Freshness of site - in the future, this could get more specific about actions taken, perhaps.
-		update_option( 'fresh_site', 1 );
+		update_option( 'fresh_site', 1, false );
 
 		if ( $language ) {
 			update_option( 'WPLANG', $language );
@@ -278,7 +287,8 @@
 To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard.
 Commenter avatars come from <a href="%s">Gravatar</a>.'
 			),
-			esc_url( __( 'https://en.gravatar.com/' ) )
+			/* translators: The localized Gravatar URL. */
+			esc_url( __( 'https://gravatar.com/' ) )
 		);
 		$wpdb->insert(
 			$wpdb->comments,
@@ -459,7 +469,7 @@
 			 * Delete any caps that snuck into the previously active blog. (Hardcoded to blog 1 for now.)
 			 * TODO: Get previous_blog_id.
 			 */
-			if ( ! is_super_admin( $user_id ) && 1 != $user_id ) {
+			if ( ! is_super_admin( $user_id ) && 1 !== $user_id ) {
 				$wpdb->delete(
 					$wpdb->usermeta,
 					array(
@@ -562,7 +572,13 @@
 	 * @param string $password   Administrator's password. Note that a placeholder message is
 	 *                           usually passed instead of the actual password.
 	 */
-	function wp_new_blog_notification( $blog_title, $blog_url, $user_id, $password ) {
+	function wp_new_blog_notification(
+		$blog_title,
+		$blog_url,
+		$user_id,
+		#[\SensitiveParameter]
+		$password
+	) {
 		$user      = new WP_User( $user_id );
 		$email     = $user->user_email;
 		$name      = $user->user_login;
@@ -638,16 +654,16 @@
 	 *
 	 * @since 2.1.0
 	 *
-	 * @global int  $wp_current_db_version The old (current) database version.
-	 * @global int  $wp_db_version         The new database version.
+	 * @global int $wp_current_db_version The old (current) database version.
+	 * @global int $wp_db_version         The new database version.
 	 */
 	function wp_upgrade() {
 		global $wp_current_db_version, $wp_db_version;
 
-		$wp_current_db_version = __get_option( 'db_version' );
+		$wp_current_db_version = (int) __get_option( 'db_version' );
 
 		// We are up to date. Nothing to do.
-		if ( $wp_db_version == $wp_current_db_version ) {
+		if ( $wp_db_version === $wp_current_db_version ) {
 			return;
 		}
 
@@ -699,10 +715,10 @@
 function upgrade_all() {
 	global $wp_current_db_version, $wp_db_version;
 
-	$wp_current_db_version = __get_option( 'db_version' );
+	$wp_current_db_version = (int) __get_option( 'db_version' );
 
 	// We are up to date. Nothing to do.
-	if ( $wp_db_version == $wp_current_db_version ) {
+	if ( $wp_db_version === $wp_current_db_version ) {
 		return;
 	}
 
@@ -862,6 +878,14 @@
 		upgrade_650();
 	}
 
+	if ( $wp_current_db_version < 58975 ) {
+		upgrade_670();
+	}
+
+	if ( $wp_current_db_version < 60421 ) {
+		upgrade_682();
+	}
+
 	maybe_disable_link_manager();
 
 	maybe_disable_automattic_widgets();
@@ -922,7 +946,7 @@
 		foreach ( $allposts as $post ) {
 			// Check to see if it's already been imported.
 			$cat = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->post2cat WHERE post_id = %d AND category_id = %d", $post->ID, $post->post_category ) );
-			if ( ! $cat && 0 != $post->post_category ) { // If there's no result.
+			if ( ! $cat && 0 !== (int) $post->post_category ) { // If there's no result.
 				$wpdb->insert(
 					$wpdb->post2cat,
 					array(
@@ -961,6 +985,7 @@
  *
  * @ignore
  * @since 1.2.0
+ * @since 6.8.0 User passwords are no longer hashed with md5.
  *
  * @global wpdb $wpdb WordPress database abstraction object.
  */
@@ -976,21 +1001,14 @@
 		}
 	}
 
-	$users = $wpdb->get_results( "SELECT ID, user_pass from $wpdb->users" );
-	foreach ( $users as $row ) {
-		if ( ! preg_match( '/^[A-Fa-f0-9]{32}$/', $row->user_pass ) ) {
-			$wpdb->update( $wpdb->users, array( 'user_pass' => md5( $row->user_pass ) ), array( 'ID' => $row->ID ) );
-		}
-	}
-
 	// Get the GMT offset, we'll use that later on.
 	$all_options = get_alloptions_110();
 
 	$time_difference = $all_options->time_difference;
 
-		$server_time = time() + gmdate( 'Z' );
-	$weblogger_time  = $server_time + $time_difference * HOUR_IN_SECONDS;
-	$gmt_time        = time();
+	$server_time    = time() + (int) gmdate( 'Z' );
+	$weblogger_time = $server_time + $time_difference * HOUR_IN_SECONDS;
+	$gmt_time       = time();
 
 	$diff_gmt_server       = ( $gmt_time - $server_time ) / HOUR_IN_SECONDS;
 	$diff_weblogger_server = ( $weblogger_time - $server_time ) / HOUR_IN_SECONDS;
@@ -1095,7 +1113,7 @@
 	// Some versions have multiple duplicate option_name rows with the same values.
 	$options = $wpdb->get_results( "SELECT option_name, COUNT(option_name) AS dupes FROM `$wpdb->options` GROUP BY option_name" );
 	foreach ( $options as $option ) {
-		if ( 1 != $option->dupes ) { // Could this be done in the query?
+		if ( $option->dupes > 1 ) { // Could this be done in the query?
 			$limit    = $option->dupes - 1;
 			$dupe_ids = $wpdb->get_col( $wpdb->prepare( "SELECT option_id FROM $wpdb->options WHERE option_name = %s LIMIT %d", $option->option_name, $limit ) );
 			if ( $dupe_ids ) {
@@ -1445,7 +1463,7 @@
 		$links = $wpdb->get_results( "SELECT link_id, link_category FROM $wpdb->links" );
 		if ( ! empty( $links ) ) {
 			foreach ( $links as $link ) {
-				if ( 0 == $link->link_category ) {
+				if ( 0 === (int) $link->link_category ) {
 					continue;
 				}
 				if ( ! isset( $link_cat_id_map[ $link->link_category ] ) ) {
@@ -1670,7 +1688,7 @@
 		 * Previously, setting depth to 1 would redundantly disable threading,
 		 * but now 2 is the minimum depth to avoid confusion.
 		 */
-		if ( get_option( 'thread_comments_depth' ) == '1' ) {
+		if ( 1 === (int) get_option( 'thread_comments_depth' ) ) {
 			update_option( 'thread_comments_depth', 2 );
 			update_option( 'thread_comments', 0 );
 		}
@@ -1843,7 +1861,7 @@
 		if ( 'yes' === $wpdb->get_var( "SELECT autoload FROM $wpdb->options WHERE option_name = 'uninstall_plugins'" ) ) {
 			$uninstall_plugins = get_option( 'uninstall_plugins' );
 			delete_option( 'uninstall_plugins' );
-			add_option( 'uninstall_plugins', $uninstall_plugins, null, 'no' );
+			add_option( 'uninstall_plugins', $uninstall_plugins, null, false );
 		}
 	}
 }
@@ -2339,7 +2357,7 @@
 			$can_compress_scripts = get_option( 'can_compress_scripts', false );
 			if ( false !== $can_compress_scripts ) {
 				delete_option( 'can_compress_scripts' );
-				add_option( 'can_compress_scripts', $can_compress_scripts, '', 'yes' );
+				add_option( 'can_compress_scripts', $can_compress_scripts, '', true );
 			}
 		}
 	}
@@ -2392,10 +2410,75 @@
 			)
 		);
 
-		$autoload = array_fill_keys( $theme_mods_options, 'no' );
+		$autoload = array_fill_keys( $theme_mods_options, false );
 		wp_set_option_autoload_values( $autoload );
 	}
 }
+/**
+ * Executes changes made in WordPress 6.7.0.
+ *
+ * @ignore
+ * @since 6.7.0
+ *
+ * @global int  $wp_current_db_version The old (current) database version.
+ */
+function upgrade_670() {
+	global $wp_current_db_version;
+
+	if ( $wp_current_db_version < 58975 ) {
+		$options = array(
+			'recently_activated',
+			'_wp_suggested_policy_text_has_changed',
+			'dashboard_widget_options',
+			'ftp_credentials',
+			'adminhash',
+			'nav_menu_options',
+			'wp_force_deactivated_plugins',
+			'delete_blog_hash',
+			'allowedthemes',
+			'recovery_keys',
+			'https_detection_errors',
+			'fresh_site',
+		);
+
+		wp_set_options_autoload( $options, false );
+	}
+}
+
+/**
+ * Executes changes made in WordPress 6.8.2.
+ *
+ * @ignore
+ * @since 6.8.2
+ *
+ * @global int $wp_current_db_version The old (current) database version.
+ */
+function upgrade_682() {
+	global $wp_current_db_version;
+
+	if ( $wp_current_db_version < 60421 ) {
+		// Upgrade Ping-O-Matic and Twingly to use HTTPS.
+		$ping_sites_value = get_option( 'ping_sites' );
+		$ping_sites_value = explode( "\n", $ping_sites_value );
+		$ping_sites_value = array_map(
+			function ( $url ) {
+				$url = trim( $url );
+				$url = sanitize_url( $url );
+				if (
+					str_ends_with( trailingslashit( $url ), '://rpc.pingomatic.com/' )
+					|| str_ends_with( trailingslashit( $url ), '://rpc.twingly.com/' )
+				) {
+					$url = set_url_scheme( $url, 'https' );
+				}
+				return $url;
+			},
+			$ping_sites_value
+		);
+		$ping_sites_value = array_filter( $ping_sites_value );
+		$ping_sites_value = implode( "\n", $ping_sites_value );
+		update_option( 'ping_sites', $ping_sites_value );
+	}
+}
 
 /**
  * Executes network-level upgrade routines.
@@ -2518,7 +2601,7 @@
 			$upgrade = false;
 			$indexes = $wpdb->get_results( "SHOW INDEXES FROM $wpdb->signups" );
 			foreach ( $indexes as $index ) {
-				if ( 'domain_path' === $index->Key_name && 'domain' === $index->Column_name && 140 != $index->Sub_part ) {
+				if ( 'domain_path' === $index->Key_name && 'domain' === $index->Column_name && '140' !== $index->Sub_part ) {
 					$upgrade = true;
 					break;
 				}
@@ -2818,7 +2901,7 @@
  *                                 semicolons. Default empty string.
  * @param bool            $execute Optional. Whether or not to execute the query right away.
  *                                 Default true.
- * @return array Strings containing the results of the various update queries.
+ * @return string[] Strings containing the results of the various update queries.
  */
 function dbDelta( $queries = '', $execute = true ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid
 	global $wpdb;
@@ -3088,7 +3171,7 @@
 				$fieldtype_base = strtok( $fieldtype_without_parentheses, ' ' );
 
 				// Is actual field type different from the field type in query?
-				if ( $tablefield->Type != $fieldtype ) {
+				if ( $tablefield->Type !== $fieldtype ) {
 					$do_change = true;
 					if ( in_array( $fieldtype_lowercased, $text_fields, true ) && in_array( $tablefield_type_lowercased, $text_fields, true ) ) {
 						if ( array_search( $fieldtype_lowercased, $text_fields, true ) < array_search( $tablefield_type_lowercased, $text_fields, true ) ) {
@@ -3128,7 +3211,7 @@
 				// Get the default value from the array.
 				if ( preg_match( "| DEFAULT '(.*?)'|i", $cfields[ $tablefield_field_lowercased ], $matches ) ) {
 					$default_value = $matches[1];
-					if ( $tablefield->Default != $default_value ) {
+					if ( $tablefield->Default !== $default_value ) {
 						// Add a query to change the column's default value
 						$cqueries[] = "ALTER TABLE {$table} ALTER COLUMN `{$tablefield->Field}` SET DEFAULT '{$default_value}'";
 
@@ -3167,7 +3250,7 @@
 					'fieldname' => $tableindex->Column_name,
 					'subpart'   => $tableindex->Sub_part,
 				);
-				$index_ary[ $keyname ]['unique']     = ( 0 == $tableindex->Non_unique ) ? true : false;
+				$index_ary[ $keyname ]['unique']     = ( '0' === $tableindex->Non_unique ) ? true : false;
 				$index_ary[ $keyname ]['index_type'] = $tableindex->Index_type;
 			}
 
@@ -3519,7 +3602,7 @@
 
 	// Make the new site theme active.
 	$current_template = __get_option( 'template' );
-	if ( WP_DEFAULT_THEME == $current_template ) {
+	if ( WP_DEFAULT_THEME === $current_template ) {
 		update_option( 'template', $template );
 		update_option( 'stylesheet', $template );
 	}