Skip to content

PHP/PregQuoteDelimiter: add XML documentation #2677

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rodrigoprimo wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

PHP/PregQuoteDelimiter: add XML documentation #2677

rodrigoprimo wants to merge 1 commit into from

Conversation

@rodrigoprimo
Copy link
Collaborator

@rodrigoprimo rodrigoprimo commented Dec 23, 2025

Description

This PR adds XML documentation for the WordPress.PHP.PregQuoteDelimiter sniff.

The documentation is based on the work started by @tikifez in #2487. I squashed the original commits and, in a separate commit, made subsequent changes based on the review left in #2487.

I suggest squashing those two commits before merging. I'm opening the PR without doing that to make it easier to tell my changes apart from the original changes.

Suggested changelog entry

N/A

Related issues/external references

Related to: #1722
Supersedes: #2487

jrfnl
jrfnl requested changes Dec 23, 2025
View reviewed changes
Copy link
Member

@jrfnl jrfnl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rodrigoprimo Thanks for picking this up!

I do think this needs more work though to ensure that the documentation isn't just technically correct, but also helps people to understand why they should follow this best practice.

WordPress/Docs/PHP/PregQuoteDelimiterStandard.xml Outdated
>
<standard>
<![CDATA[
Passing the $delimiter parameter to preg_quote() is strongly recommended to ensure the delimiter used in the regex is properly escaped.
Copy link
Member

@jrfnl jrfnl Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Passing the $delimiter parameter to preg_quote() is strongly recommended to ensure the delimiter used in the regex is properly escaped.
Passing the $delimiter parameter to preg_quote() is strongly recommended to ensure the regular expression delimiter is properly escaped if it occurs in the arbitrary text string passed to `preg_quote()`.

Just to be clear: The $delimiter is not used in the regex, it is used to deliminate the regex (outside boundaries). The whole point of passing the deliminator to preg_quote() is to prevent that character from ending up in the regex without escaping (which will often break the regex and can lead to security issues/fatal errors/etc).

This part of the original description was not wrong in that respect:

If it is not passed, the default delimiter / is presumed, which is often wrong.

Copy link
Collaborator Author

@rodrigoprimo rodrigoprimo Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I implemented your suggestion with a small change to avoid using preg_quote() twice.

This part of the original description was not wrong in that respect:

If it is not passed, the default delimiter / is presumed, which is often wrong.

I'm not sure whether we are interpreting the above statement differently, but I don't think it is correct. I read it as saying that if the $delimiter parameter is not passed, the function uses / as the default value, which is not the case.

Copy link
Member

@jrfnl jrfnl Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part of the original description was not wrong in that respect:

If it is not passed, the default delimiter / is presumed, which is often wrong.

I'm not sure whether we are interpreting the above statement differently, but I don't think it is correct. I read it as saying that if the $delimiter parameter is not passed, the function uses / as the default value, which is not the case.

Ah, good point. All the more reason for the $delimiter needing to be passed.

@rodrigoprimo
Copy link
Collaborator Author

rodrigoprimo commented Dec 23, 2025

Thanks for your review, @jrfnl. I implemented the changes you suggested, with a few minor modifications.

jrfnl
jrfnl reviewed Dec 23, 2025
View reviewed changes
jrfnl
jrfnl approved these changes Dec 23, 2025
View reviewed changes
Copy link
Member

@jrfnl jrfnl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @rodrigoprimo ! Happy with it as it is now.

Just left one non-blocking suggestion inline to consider.

@jrfnl jrfnl added this to the 3.3.x milestone Dec 23, 2025
@rodrigoprimo rodrigoprimo force-pushed the docs-preg-quote-delimiter branch from 04e48c8 to 0670e8a Compare December 24, 2025 10:32
@rodrigoprimo
Copy link
Collaborator Author

rodrigoprimo commented Dec 24, 2025

Just documenting that I squashed all the commits into one without changes.

@tikifez @jrfnl @rodrigoprimo
PHP/PregQuoteDelimiter: add XML documentation
fae2dc0 
Co-authored-by: Juliette <663378+jrfnl@users.noreply.github.com>
@rodrigoprimo rodrigoprimo force-pushed the docs-preg-quote-delimiter branch from 0670e8a to fae2dc0 Compare December 24, 2025 10:54
@jrfnl jrfnl mentioned this pull request Dec 25, 2025
Open
61 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jrfnl jrfnl jrfnl approved these changes

Assignees

No one assigned

Labels

Component: Extra Status: Review ready Type: Documentation

Projects

None yet

Milestone

3.3.x

Development

Successfully merging this pull request may close these issues.

3 participants

@rodrigoprimo @jrfnl @tikifez