64 lines
1.7 KiB
Plaintext
64 lines
1.7 KiB
Plaintext
== Why is this an issue?
|
|
|
|
WordPress makes it possible to define options using `define` statements inside a configuration file named `wp-config.php`.
|
|
However, if the statements are located after the settings are loaded at the end of this file, they are not taken into account by WordPress.
|
|
This rule raises an issue when a `define` statement appears after `wp-settings.php` is loaded.
|
|
|
|
=== What is the potential impact?
|
|
|
|
This issue could entail more serious problems.
|
|
A configuration that is security related could be ignored and not considered without any warning.
|
|
|
|
== How to fix it in WordPress
|
|
|
|
Move the `define` statement before the statement loading `wp-settings.php`.
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,php,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
// in wp-config.php
|
|
|
|
define( 'WP_DEBUG', false );
|
|
|
|
/* Add any custom values between this line and the "stop editing" line. */
|
|
|
|
|
|
/* That's all, stop editing! Happy publishing. */
|
|
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
define( 'ABSPATH', __DIR__ . '/' );
|
|
}
|
|
require_once ABSPATH . 'wp-settings.php';
|
|
|
|
define( 'WP_POST_REVISIONS', 3 ); // Noncompliant
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,php,diff-id=1,diff-type=compliant]
|
|
----
|
|
// in wp-config.php
|
|
|
|
define( 'WP_DEBUG', false );
|
|
|
|
/* Add any custom values between this line and the "stop editing" line. */
|
|
|
|
define( 'WP_POST_REVISIONS', 3 ); // Noncompliant
|
|
|
|
/* That's all, stop editing! Happy publishing. */
|
|
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
define( 'ABSPATH', __DIR__ . '/' );
|
|
}
|
|
require_once ABSPATH . 'wp-settings.php';
|
|
----
|
|
|
|
== Resources
|
|
|
|
=== Documentation
|
|
|
|
* https://developer.wordpress.org/apis/wp-config-php/[WordPress Developer Resources - wp-config-php]
|