[Closed] Types shortcode breaks after WordPress 4.2.3 autoupgrade

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

This topic contains 55 replies, has 28 voices.

Last updated by thomasS-11 4 years ago.

Assigned support staff: Luo Yang.

Author
Posts
#319154

Thank you for contacting Toolset support, I'd be delighted to assist!

Oh no! I know how important your sites are you to and having them work properly is our top priority. I'm dedicated to help come to a solution.

It is always important to maintain backups for production sites that you cannot afford to have go down, I would strongly suggest creating a backup strategy if you have already not done so. WordPress can sometimes be unpredictable and more often than not, some updates may break functionality of any plugin.

There are certainly many out there, here is a review blog post I found: hidden link With the proper backup strategy, issues such as these go from a critical concern to a relatively minor annoyance as you can simply rollback the site. (Don't forget about your hosting control panel backup methods as an alternative such as in cPanel and Plesk - is free to use).

loannis, I would like to request temporary access to your wp-admin and FTP. I have enabled the next reply to be private and will be sending this issue to our T2 with the highest priority.

#319156

I would like to ask all other customers who are experiencing a different issue than this specific case to open their own forum thread so we can distribute the workload across multiple Supporters and ensure we can assist as quickly as possible.

I appreciate your cooperation!

#319158

The answer and quick solution is given already. Replace the shortcode.php with the previous version. and wait for updated plugin version. Just my thoughts.

#319173

This issue is related to the following 4.2.3 changeset: https://core.trac.wordpress.org/changeset/33360

Among other things it patches a security hole related to shortcodes inside html attributes. Your development team must get on this ASAP and find a solution as a lot customers may be using types/views/cred shortcodes in such a manner that they are now broken.

This affects mainly views users that use content templates and have mixed HTML and Shortcodes in the HTML attributes such as :
<img src="[types field="image_url" ...

As suggested a quick fix/hack is for users to temporarily revert to the 4.2.2 shortcodes.php until this issue is resolved but this "may" break other functionality introduced in 4.2.3. A full restore to 4.2.2 may be more appropriate.

#319201

Thanks to both of you for the suggestion to replace wp-includes/shortcodes.php. That did the trick.

I turned off WordPress Core automatic updates in wp-config.php:

//Turn off WordPress Core automatic updates
define( 'WP_AUTO_UPDATE_CORE', false );

I ran a diff between shortcodes.php 4.2.2 and 4.2.3. One thing that jumps out is "// Avoids parsing HTML when there are no shortcodes or embeds anyway" when there are shortcodes matching the regex pattern that aren't being parsed. I'm sure there will be a 4.2.3.1 release in short order.

Update: Just saw Ioannis' reply. He points out that the change that doesn't parse shortcode/HTML combo templates is indeed the core of the problem.

4.2.2, do_shortcode and strip_shortcodes functions in 4.2.2 shortcodes.php. NOTE: These aren't complete files, so do not copy them to your site.

/* 4.2.2 */
/**
 * Regular Expression callable for do_shortcode() for calling shortcode hook.
 * @see get_shortcode_regex for details of the match array contents.
 *
 * @since 2.5.0
 * @access private
 * @uses $shortcode_tags
 *
 * @param array $m Regular expression match array
 * @return mixed False on failure.
 */
function do_shortcode($content) {
	global $shortcode_tags;

	if ( false === strpos( $content, '[' ) ) {
		return $content;
	}

	if (empty($shortcode_tags) || !is_array($shortcode_tags))
		return $content;

	$pattern = get_shortcode_regex();
	return preg_replace_callback( "/$pattern/s", 'do_shortcode_tag', $content );
}

/* snip */

function strip_shortcodes( $content ) {
	global $shortcode_tags;

	if ( false === strpos( $content, '[' ) ) {
		return $content;
	}

	if (empty($shortcode_tags) || !is_array($shortcode_tags))
		return $content;

	$pattern = get_shortcode_regex();

	return preg_replace_callback( "/$pattern/s", 'strip_shortcode_tag', $content );
}

4.2.3, do_shortcode and strip_shortcodes functions in 4.2.3 shortcodes.php. NOTE: These aren't complete files, so do not copy them to your site.

/* 4.2.3 */
/**
 * Search content for shortcodes and filter shortcodes through their hooks.
 *
 * If there are no shortcode tags defined, then the content will be returned
 * without any filtering. This might cause issues when plugins are disabled but
 * the shortcode will still show up in the post or content.
 *
 * @since 2.5.0
 *
 * @global array $shortcode_tags List of shortcode tags and their callback hooks.
 *
 * @param string $content Content to search for shortcodes.
 * @param bool $ignore_html When true, shortcodes inside HTML elements will be skipped.
 * @return string Content with shortcodes filtered out.
 */
function do_shortcode( $content, $ignore_html = false ) {
	global $shortcode_tags;

	if ( false === strpos( $content, '[' ) ) {
		return $content;
	}

	if (empty($shortcode_tags) || !is_array($shortcode_tags))
		return $content;

	$tagnames = array_keys($shortcode_tags);
	$tagregexp = join( '|', array_map('preg_quote', $tagnames) );
	$pattern = "/\\[($tagregexp)/s";

	if ( 1 !== preg_match( $pattern, $content ) ) {
		// Avoids parsing HTML when there are no shortcodes or embeds anyway.
		return $content;
	}

	$content = do_shortcodes_in_html_tags( $content, $ignore_html );

	$pattern = get_shortcode_regex();
	$content = preg_replace_callback( "/$pattern/s", 'do_shortcode_tag', $content );
	
	// Always restore square braces so we don't break things like <!--[if IE ]>
	$content = unescape_invalid_shortcodes( $content );
	
	return $content;
}


/* snip */

function strip_shortcodes( $content ) {
	global $shortcode_tags;

	if ( false === strpos( $content, '[' ) ) {
		return $content;
	}

	if (empty($shortcode_tags) || !is_array($shortcode_tags))
		return $content;

	$content = do_shortcodes_in_html_tags( $content, true );

	$pattern = get_shortcode_regex();
	$content = preg_replace_callback( "/$pattern/s", 'strip_shortcode_tag', $content );

	// Always restore square braces so we don't break things like <!--[if IE ]>
	$content = unescape_invalid_shortcodes( $content );
	
	return $content;
}
#319204

Do not like to downgrade/replace file, if for security reasons - hope an answer is found soon here or at WordPress 🙂

#319224

Sean, loannis and others - Thank you so much for the workaround and specific steps!

We do test for every WordPress release, the issue is that WordPress Team thought it'd be a good idea to add the breaking code change 33 hours right before their release.

Peer - as no one could see this coming, even if they tested with preview versions - I don't think switching to ACF would make much difference as this could of affected any Plugin/Theme developer. This is why it's so important to have proper backups so you can easily revert a change, due to any reason.

Our lead developers are hard at work to resolve this in our code, I also feel as if a WordPress update will be out soon as we aren't the only ones with major breakage.

#319226

We are all having the same issue, so i think it pointless to open a new thread. I am adding my name to the list so I can get a email notification with a solution.

#319233

Agreed Armando, I have edited my previous post.

#319240

I'm also experiencing the same issue.

I don't see much point in opening new support threads, as the problem seems to have been identified and the solution will be the same for all of us.

#319244

Same problem here. I'm pretty sure this problem will concern also other plugin and custom shortcodes. I think from now a lot of people will rethink about the opportunity to leave the autoupdate on. Waiting for a solution. Best regards.

#319246

we are experiencing issues as well. Does this team not test this plugin with overnight builds prior to upgrades of wordpress?!?!?!

#319250

Have the same issue. Post it Just to be updated per Mail. Thank you and kind regards.

#319254

Shortcode temp fix worked.

#319255

HELLO!!! Same issue here! This is unacceptable!

The topic ‘[Closed] Types shortcode breaks after WordPress 4.2.3 autoupgrade’ is closed to new replies.