Opened 13 years ago
Closed 12 years ago
#17775 closed defect (bug) (fixed)
Possible invalid user roles count with similarly named roles
Reported by: | layotte | Owned by: | |
---|---|---|---|
Milestone: | 3.4 | Priority: | normal |
Severity: | minor | Version: | 3.1.3 |
Component: | Users | Keywords: | has-patch |
Focuses: | Cc: |
Description
How to replicate: Create a user role named "custom_administrator", add users to this role. Role count in /wp-admin/users.php for the "Administrator" role will include the users in the "custom_administrator" role.
Currently line 852 of /wp-includes/users.php counts the roles with this line:
$select_count[] = "COUNT(NULLIF(`meta_value` LIKE '%" . like_escape($this_role) . "%', FALSE))";
Lines in DB look like this:
a:1:{s:13:"administrator";s:1:"1";} a:1:{s:20:"custom_administrator";s:1:"1";}
Patch for users.php attached, to this:
$select_count[] = "COUNT(NULLIF(`meta_value` LIKE '%\"" . like_escape($this_role) . "\"%', FALSE))";
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
Related: #12693