Skip to content

fix: guard against null return from get_edit_post_link() and get_permalink() #853

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
GaryJones merged 1 commit into from
Dec 21, 2025
Merged

fix: guard against null return from get_edit_post_link() and get_permalink() #853

GaryJones merged 1 commit into from
Dec 21, 2025

Conversation

@GaryJones
Copy link
Contributor

@GaryJones GaryJones commented Dec 21, 2025

Summary

Fixes the PHP 8.1+ deprecation notice caused by passing null to htmlspecialchars_decode():

htmlspecialchars_decode(): Passing null to parameter #1 ($string) of type string is deprecated

This occurs in the notification callbacks when get_edit_post_link() or get_permalink() returns null (e.g., when the current user lacks permission to view edit links, or during unit tests without a logged-in user).

Changes

  • modules/notifications/notifications.php: Added null checks before calling htmlspecialchars_decode(). If the edit link or permalink is null, the notification callback returns early rather than sending an incomplete email.

  • tests/Integration/NotificationsTest.php: Updated tests to call wp_set_current_user() before creating posts, ensuring get_edit_post_link() returns a valid URL.

Fixes #771

Test plan

  • Notifications tests pass (2/2)
  • All other tests unaffected (pre-existing failures in CustomStatusTest are unrelated)
  • Manual testing: Create a post with no logged-in user and verify no deprecation notice

🤖 Generated with Claude Code

@GaryJones @claude
fix: guard against null return from get_edit_post_link() and get_perm…
1b97f0d 
…alink()

In PHP 8.1+, passing null to htmlspecialchars_decode() throws a
deprecation notice. This occurs when get_edit_post_link() or
get_permalink() returns null (e.g., when the current user lacks
permission to view edit links).

The notification callbacks now check for null returns and exit early,
preventing the deprecation notice from being triggered. This is
preferable to sending incomplete notification emails without valid
links.

Also updates notification tests to set the current user before creating
posts, ensuring get_edit_post_link() returns a valid URL.

Fixes #771

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@GaryJones GaryJones requested a review from a team as a code owner December 21, 2025 15:15
@GaryJones GaryJones self-assigned this Dec 21, 2025
@GaryJones GaryJones added the type: maintenance Routine maintenance and code quality improvements label Dec 21, 2025
@GaryJones GaryJones added this to the Next (minor) milestone Dec 21, 2025
@GaryJones GaryJones merged commit f267ccb into develop Dec 21, 2025
12 checks passed
@GaryJones GaryJones deleted the fix/771-htmlspecialchars-decode-null branch December 21, 2025 16:28
@GaryJones GaryJones mentioned this pull request Jan 4, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@GaryJones GaryJones

Labels

Module: Notifications type: maintenance Routine maintenance and code quality improvements

Projects

None yet

Milestone

0.10.0

Development

Successfully merging this pull request may close these issues.

Deprecation notice from htmlspecialchars_decode()

2 participants

@GaryJones