If you use Xdebug for debugging WordPress-based sites there’s something you should be aware of. If function created with PHP’s create_function()
are hooked to WordPress actions or filters, any time $wp_filters
is in the scope Xdebug sends invalid XML to the Xdebug client, (like your IDE). If the Xdebug client doesn’t deal with the invalid characters before attempting to parse the XML it will fail. IDEs deal with the parsing failure in different ways, SublimeTextXdebug doesn’t show the call stack or list of current variables but doesn’t crash entirely so debugging can continue. I don’t know how other IDEs handle the failure.
Why the XML is Invalid
create_function()
makes a new function, gives it a random name that starts with a null character, and returns that function name as a string. When that string is passed to WordPress’s add_filter()
or add_action()
functions the name that create_function()
returned is used as an array key in deep within the $wp_filters
global. When Xdebug sends the list of variables back to an Xdebug client it is sent as XML and the null character encoded as � which is illegal in XML.
How to solve the Problem
Ideally Xdebug would only send valid XML to the Xdebug client, but the bug report has been open for a year and doesn’t seem to be high priority so developers should solve the problem by avoiding create_function()
Avoiding create_function()
is Good Coding
create_function()
eval()
‘s the code that’s passed as the second argument, and eval()
is something to be avoided, so create_function()
is too. This Xdebug bug makes us avoid create_function()
for actions and filters in order to keep Xdebug useful, with the side effect of making our code a bit more secure.