PHP Fatal error: Uncaught TypeError: Unsupported operand types: string + string

  • Resolved splaquet

    (@splaquet)


    5 months, 2 weeks ago

    The plugin auto-updated overnight and we were greeted by this fatal error message this morning. (v2.15.0 > v2.15.1)

    The odd part is that this wasn’t the case on another site sharing the same server (and most of the same plugins). I’m going to troubleshoot this in our dev environment, but wanted to report.

    [12-Dec-2025 13:56:47 UTC] PHP Fatal error:  Uncaught TypeError: Unsupported operand types: string + string in /var/www/html/domain.com/wp-content/plugins/constant-contact-forms/includes/class-api.php:1687
    Stack trace:
    #0 /var/www/html/domain.com/wp-content/plugins/constant-contact-forms/includes/class-api.php(219): ConstantContact_API->access_token_maybe_expired()
    #1 /var/www/html/domain.com/wp-includes/class-wp-hook.php(341): ConstantContact_API->cct_init()
    #2 /var/www/html/domain.com/wp-includes/class-wp-hook.php(365): WP_Hook->apply_filters()
    #3 /var/www/html/domain.com/wp-includes/plugin.php(522): WP_Hook->do_action()
    #4 /var/www/html/domain.com/wp-settings.php(742): do_action()
    #5 /var/www/html/domain.com/wp-config.php(84): require_once('...')
    #6 /var/www/html/domain.com/wp-load.php(50): require_once('...')
    #7 /var/www/html/domain.com/wp-admin/admin-ajax.php(22): require_once('...')
    #8 {main}
      thrown in /var/www/html/domain.com/wp-content/plugins/constant-contact-forms/includes/class-api.php on line 1687
    • This topic was modified 5 months, 2 weeks ago by splaquet. Reason: added versions
Viewing 11 replies - 1 through 11 (of 11 total)
  • spatton99

    (@spatton99)

    5 months, 2 weeks ago

    The (temporary) fix until there’s a patch issued by the developer is to change line 1687 of /includes/class-api.php

    FROM:
    $expiration_time = $issued_time + $expires_in;

    TO:
    $expiration_time = (int) $issued_time + (int) $expires_in;

    the code doesn’t currently ensure that the strings are cast as integers.

    Plugin Contributor Michael Beckwith

    (@tw2113)

    The BenchPresser

    5 months, 2 weeks ago

    What PHP version are both of you on?

    Asking because that specific line hasn’t been changed since version 2.2.0 was released, but I know we did a required PHP upgrade with 2.15.0 which I could see causing an changed thrown error like this.

    spatton99

    (@spatton99)

    5 months, 2 weeks ago

    I’m running PHP 8.4. Since PHP 8 no longer allows string + string operations and WordPress stores option values as strings, the operands need to be cast to integers. The fix above works universally for PHP 8.0+. It’s a plugin-side type-safety issue rather than an environment issue.

    Plugin Contributor Michael Beckwith

    (@tw2113)

    The BenchPresser

    5 months, 2 weeks ago

    Definitely willing to patch things up on the plugin side, at the same time though I’m curious why it just suddenly came up as my local is running 8.4 as well, and no issue here. Regardless, better safe than sorry with this and getting things matching.

    spatton99

    (@spatton99)

    5 months, 2 weeks ago

    My *guess* is that since this function is called access_token_maybe_expired(), it only gets called in certain scenarios. I know that in our case, the plugin was installed by a previous dev, and there’s no indication in our docs anywhere of what account he used to register the plugin, or if it was registered by the client because he had granted the client an admin role.

    We’ve had the Constant Contact Forms has detected errors that indicate a need to manually disconnect and reconnect your Constant Contact account. Visit the Connection Settings to manage. message for a while now, but we can’t disconnect and reconnect because we have no indication of what the account should be.

    The site where we’re using this plugin has already signed on for a rebuild, and we’ll likely end up using a different solution for the forms than what he used so that we can maintain consistency with our other sites.

    Thread Starter splaquet

    (@splaquet)

    5 months, 2 weeks ago

    I’m running php8.3.

    I did a complete troubleshooting test in my dev environment. I can recreate the problem with 2025 theme and no other plugins installed. …but, I’m still able to use it on another site of mine, so rather odd.

    Also, it works as expected with any previous version.

    Am I reading these other posts correctly, in that it’s the way the connection is made from the user and the API? I must be misunderstanding that…

    • This reply was modified 5 months, 2 weeks ago by splaquet.
    spatton99

    (@spatton99)

    5 months, 2 weeks ago

    To be clear, the issue only happens when that function is called. What exactly triggers the function call, I couldn’t say for sure – I’m just a user. Considering it’s a function called access_token_maybe_expired() and it’s in /includes/class-api.php, logically, I would assume that the function is called upon authentication (or lack thereof) to an API.

    Plugin Contributor Michael Beckwith

    (@tw2113)

    The BenchPresser

    5 months, 2 weeks ago

    The only place I’m seeing the method in question is if DISABLE_WP_CRON is defined and set to true.

    https://github.com/WebDevStudios/constant-contact-forms/blob/2.15.1/includes/class-api.php#L218-L220

    So it’s part PHP version, but also part edge case with regards to WP Cron.

    regexaurus

    (@regexaurus)

    5 months, 2 weeks ago

    We ran into this today, on a DreamPress (managed WordPress) site with PHP 8.4. We have DISABLE_WP_CRON defined and enabled (true).

    Thank you, @spatton99, for the temporary fix!

    Plugin Contributor Michael Beckwith

    (@tw2113)

    The BenchPresser

    5 months, 2 weeks ago

    Hoping to provide a downloadable zip to help patch this up for those encountering immediate issues, by end of day today, with a patched release to everyone early next week.

    Thank you for your patience and understanding with this slight edge case.

    Plugin Contributor Michael Beckwith

    (@tw2113)

    The BenchPresser

    5 months, 2 weeks ago

    For until we get a release out to everyone: https://www.dropbox.com/scl/fi/pfahvxzo5xx620f7st2q2/constant-contact-forms-2152-beta.zip?rlkey=oma9azvsyfw5p4bne0bgo9g0m&dl=0

    It’ll still say “2.15.1” but the casting of integers for the math, instead of potential strings and concatenation is in place.

Viewing 11 replies - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.