Hello, we are having an error when clicking 'Configure WAF" in Admin Tools Wordpress. This error occurs on two of our sites. I've included the error and debug messages at the bottom of the email. I have investigated and produced a fix, which works. For us, we get the error by clicking on Admin Tools, click on WAF, click on configure WAF, and then the error below is displayed.
The error is in admintoolswp/app/library/mvc/view/html.php(198): htmlspecialchars(Array, 2, 'UTF-8')
Function 'escape' is passing $var to htmlspecialcars, which expects a string as the first parameter. Instead, the parameter $var sometimes contains an array, as it is when we click 'configure WAF'. I've outputted the array and it is the IP exception list: I was able to fix it by this code below, which splits the elements in $var into a comma-separated string. It then works correctly. I wonder how $var got to be an array in the first place: in both WordPress sites, we imported settings from Admin Tools from a JOOMLA site, and I wonder if the way the exception IPs were stored in the Joomla plugin was slightly different than in the Wordpress plugin? Either way, thought we should share this with you all, especially because we would prefer to be able to do regular autoupdates with the plugin, instead of having to refix each time. Thanks,
public function escape($var)
197 {
198 if (is_array($var)) {
199 // echo "**** var is array, " . print_r($var,true);
200 $newvar = "";
201 for ($i=0;$i<count($var);$i++) {
202 if ($i != 0) $newvar.=",";
203 $newvar.=$var[$i][0];
204 }
205 $var = $newvar;
206 // die();
207 }
208 return htmlspecialchars($var ?? '', ENT_COMPAT, 'UTF-8');
209 }
Error Message: (click on Admin Tools, click on WAF, click on configure WAF, this error appears:
"Admin Tools – Internal Application Error
Admin Tools has stopped responding due to an unhandled internal application error.
If you are a subscriber and need to request support please include all of the following information in your support
request. Thank you!
htmlspecialchars(): Argument #1 ($string) must be of type string, array given
Exception type
TypeError
File and line
<WordPress Root>/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php (202)
Debug backtrace
#0 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(202): htmlspecialchars(Array, 2, 'UTF-8')
#1 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/view/configurewaf/tmpl/exceptions.php(18): Akeeba\AdminTools\Library\Mvc\View\Html->escape(Array)
#2 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/view/configurewaf/tmpl/default.php(93): include('/home/adyartheo...')
#3 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(260): include('/home/adyartheo...')
#4 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(153): Akeeba\AdminTools\Library\Mvc\View\Html->includeTemplate()
#5 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/controller/controller.php(153): Akeeba\AdminTools\Library\Mvc\View\Html->display()
#6 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/dispatcher/dispatcher.php(104): Akeeba\AdminTools\Library\Mvc\Controller\Controller->display()
#7 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/helpers/admintoolswp.php(263): Akeeba\AdminTools\Admin\Dispatcher\Dispatcher::route()
#8 /home/adyartheo/public_html/wp-includes/class-wp-hook.php(324): AdminToolsWP::boot('')
#9 /home/adyartheo/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters('', Array)
#10 /home/adyartheo/public_html/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#11 /home/adyartheo/public_html/wp-admin/admin.php(259): do_action('toplevel_page_a...')
#12 {main}
System information
Admin Tools Version
1.6.7 (released 2024-08-28)
PHP Version
8.1.31
WordPress Version
6.7.1
Database
MySQL 8.0.41
WordPress Multisite
No
Operating System
Linux
Memory limit
256M
Memory usage
61,601,560 bytes
Maximum memory usage
61,892,976 bytes
The error is in admintoolswp/app/library/mvc/view/html.php(198): htmlspecialchars(Array, 2, 'UTF-8')
Function 'escape' is passing $var to htmlspecialcars, which expects a string as the first parameter. Instead, the parameter $var sometimes contains an array, as it is when we click 'configure WAF'. I've outputted the array and it is the IP exception list: I was able to fix it by this code below, which splits the elements in $var into a comma-separated string. It then works correctly. I wonder how $var got to be an array in the first place: in both WordPress sites, we imported settings from Admin Tools from a JOOMLA site, and I wonder if the way the exception IPs were stored in the Joomla plugin was slightly different than in the Wordpress plugin? Either way, thought we should share this with you all, especially because we would prefer to be able to do regular autoupdates with the plugin, instead of having to refix each time. Thanks,
public function escape($var)
197 {
198 if (is_array($var)) {
199 // echo "**** var is array, " . print_r($var,true);
200 $newvar = "";
201 for ($i=0;$i<count($var);$i++) {
202 if ($i != 0) $newvar.=",";
203 $newvar.=$var[$i][0];
204 }
205 $var = $newvar;
206 // die();
207 }
208 return htmlspecialchars($var ?? '', ENT_COMPAT, 'UTF-8');
209 }
Error Message: (click on Admin Tools, click on WAF, click on configure WAF, this error appears:
"Admin Tools – Internal Application Error
Admin Tools has stopped responding due to an unhandled internal application error.
If you are a subscriber and need to request support please include all of the following information in your support
request. Thank you!
htmlspecialchars(): Argument #1 ($string) must be of type string, array given
Exception type
TypeError
File and line
<WordPress Root>/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php (202)
Debug backtrace
#0 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(202): htmlspecialchars(Array, 2, 'UTF-8')
#1 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/view/configurewaf/tmpl/exceptions.php(18): Akeeba\AdminTools\Library\Mvc\View\Html->escape(Array)
#2 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/view/configurewaf/tmpl/default.php(93): include('/home/adyartheo...')
#3 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(260): include('/home/adyartheo...')
#4 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/view/html.php(153): Akeeba\AdminTools\Library\Mvc\View\Html->includeTemplate()
#5 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/library/mvc/controller/controller.php(153): Akeeba\AdminTools\Library\Mvc\View\Html->display()
#6 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/app/dispatcher/dispatcher.php(104): Akeeba\AdminTools\Library\Mvc\Controller\Controller->display()
#7 /home/adyartheo/public_html/wp-content/plugins/admintoolswp/helpers/admintoolswp.php(263): Akeeba\AdminTools\Admin\Dispatcher\Dispatcher::route()
#8 /home/adyartheo/public_html/wp-includes/class-wp-hook.php(324): AdminToolsWP::boot('')
#9 /home/adyartheo/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters('', Array)
#10 /home/adyartheo/public_html/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#11 /home/adyartheo/public_html/wp-admin/admin.php(259): do_action('toplevel_page_a...')
#12 {main}
System information
Admin Tools Version
1.6.7 (released 2024-08-28)
PHP Version
8.1.31
WordPress Version
6.7.1
Database
MySQL 8.0.41
WordPress Multisite
No
Operating System
Linux
Memory limit
256M
Memory usage
61,601,560 bytes
Maximum memory usage
61,892,976 bytes
