Latest version 2.41.1 is crashing the site

I can confirm.

It’s a site-wide fatal PHP error after upgrading. This is happening across all my sites (which are set to auto-update so hopefully a fix is released before they auto-update to this broken release.)

Fix:

/wp-content/plugins/simple-history/loggers/SimpleLogger.php

Line 626 :

esc_attr($ip_address), // 4

replace it with

esc_attr($ip_address) // 4

You need to remove the comma and the site is back online.

It appears the fix is to delete the , at the end of the sprintf function’s arguments which is at the end of line 626 in the loggers/SimpleLogger.php file in the plugin.

In effect,

$ip_addresses_html .= sprintf(
    '<a target="_blank" href="%3$s" class="SimpleHistoryLogitem__anonUserWithIp__theIp" data-ip-address="%4$s">%1$s</a>, ',
    esc_html($ip_address), // 1
    esc_html($ip_address_header), // 2
    $iplookup_link, // 3
    esc_attr($ip_address), // 4
);

needs to become

$ip_addresses_html .= sprintf(
    '<a target="_blank" href="%3$s" class="SimpleHistoryLogitem__anonUserWithIp__theIp" data-ip-address="%4$s">%1$s</a>, ',
    esc_html($ip_address), // 1
    esc_html($ip_address_header), // 2
    $iplookup_link, // 3
    esc_attr($ip_address) // 4
);

(notice how the comma before // 4 is not there… and allows it to be parsed properly [similar to how the sprintf for $iplookup_link just above it doesn’t have that additional comma at the end.])

*Edit* I see @dcgavril just found the fix as well, hah.

This is such a simple fix (just a basic one-character typo) so a fixed release shouldn’t be far behind (fingers crossed for the devs to jump on this right away). Or at least it really should be a quick release since this could be breaking 100,000+ active installations that could be updating to this problematic version release.

Btw, I personally recommend changing the version number to 2.41.1.1 (x.x.x.1 being a hotfix, or something to that effect) in the index.php file of the plugin so the plugin can be a version newer than the problematic one while it then doesn’t prevent a 2.41.2 release, or something like that, in the future.

At that point, if you manage multiple sites, you can preemptively deploy this patched version to sites that might still be wanting to auto-update to the problematic version that’s yet to be patched on WP.org right now (while also using it on sites that have already been broken).

Also, considering the very large install base for this plugin & the encouragement to utilize auto-update on things like plugins… hopefully, something happens in the future so that fatal errors like these aren’t allowed to take hours (2+ hours, as of now, in this case) for future releases.

One can’t just release an update and walk away or whatever might’ve happened here when it can affect so many sites. Yes, problematic releases can & do happen (wanting to prevent them, of course), but they should then really be addressed quickly if/when they happen (with this then being something that should be a near-immediate fix given it’s a simple typo being fixed & then pushing a new release, unless I’m mistaken.)

I say this because I really like this plugin & want to continue to utilize it. I also don’t want to spend time cleaning up 100+ sites that encounter a site-wide fatal server error due to them all being set to auto-update plugins while a problematic update is allowed to linger so they all eventually will update to a bad release (rather than having maybe just one or two sites catching the bad update & it then being quickly fixed via a new release that comes out shortly after so none of the other sites encounter it.) I hope that makes sense. I don’t want to come across as overly rough or unfair.

I do see on https://github.com/bonny/WordPress-Simple-History that the fix is in the works so I’m guessing the release of the fixed version isn’t too far away.

I am kinda curious why the GitHub update for fixing the comma is 2 hours ago while the WP.org release has been serving the old broken version for 2 hours… did something happen that WP.org didn’t receive the new version somehow…? Seems odd when this should be something to push out a fix for on WP.org ASAP since it’s taking down entire sites with it affecting more & more sites the longer it’s being served as the latest version on WP.org.

+1 here. Fortunately I have uptime monitoring and frantically disabled plugins until I found it to be this one. This is *exactly* the concern I had with auto-update, which I am now disabling across every one of my projects. Ugh.

I have to manually update each site I use this plugin. This one is to auto update everywhere.

I will disable autop-update and look for plugins options now.

Once I trusted this plugin…

Confirming crash issue and the effectiveness of the fix noted above. Thank heavens for uptime monitoring. Caught it with the first site that updated and was able to disable updates before more of them went down.

Sorry everyone for the crash. I did happen on installations with PHP 7.2 or earlier. It’s difficult to maintain code that must work all way back to PHP version 5. My code was valid – but only for recent versions of PHP.

I did lint the code and I did run tests locally before pushing this update, however my local tests are only running on a newer version of PHP apparently. I will fix that so a similar error can not happen.

I also noticed the error right away, thanks to the tests that ran on Travis CI, so the faulty code should only have been up for a short while.

Anyway, once again sorry for this. Plugins should of course never break your site.

• This reply was modified 3 years, 8 months ago by eskapism.
• This reply was modified 3 years, 8 months ago by eskapism.

Version 2.41.2 is available on www.ads-software.com now. There seems like there was a delay before the fix was downloadable. Not sure why.

The fix is the same as you mentioned and you can see that It’s 20 minutes between the wrong version and the fixed one:
https://github.com/bonny/WordPress-Simple-History/commit/41fb94b14db780a810debd16447f30def604cb25
vs
https://github.com/bonny/WordPress-Simple-History/commit/faba68d25cb7d0f3f4d1567ef603b0d58277c79a

That it’s been 8 hours with this bug not patched is alarming. I’ve disabled this plugin on all client sites.

Just saw the your note eskapism – thank you for the patch. It’s much appreciated.

Thanks for fix. But fatal errors like these aren’t usefull. I will change the update procedure on all of my wp-pages again but i have removed this plugin from all pages.

The problem is of course that once the faulty plugin is installed, it will not auto-update to the new one .. because the site is crashing.