Make WordPress Core

Changeset 31114


Ignore:
Timestamp:
01/09/2015 04:39:56 PM (10 years ago)
Author:
boonebgorges
Message:

In get_permalink(), don't resolve to pretty permalink if post has 'future' status.

We already do this for other non-public statuses, to prevent leaking non-public
information about unpublished posts.

Props e.mazovetskiy, CalEvans.
Fixes #30910.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/link-template.php

    r31107 r31114  
    158158    $permalink = apply_filters( 'pre_post_link', $permalink, $post, $leavename );
    159159
    160     if ( '' != $permalink && !in_array($post->post_status, array('draft', 'pending', 'auto-draft')) ) {
     160    if ( '' != $permalink && !in_array( $post->post_status, array( 'draft', 'pending', 'auto-draft', 'future' ) ) ) {
    161161        $unixtime = strtotime($post->post_date);
    162162
     
    254254    $slug = $post->post_name;
    255255
    256     $draft_or_pending = isset($post->post_status) && in_array( $post->post_status, array( 'draft', 'pending', 'auto-draft' ) );
     256    $draft_or_pending = isset( $post->post_status ) && in_array( $post->post_status, array( 'draft', 'pending', 'auto-draft', 'future' ) );
    257257
    258258    $post_type = get_post_type_object($post->post_type);
  • trunk/tests/phpunit/tests/link.php

    r30401 r31114  
    287287        $this->assertEquals( '/this-is-a-test/?redirect=https://example.org/a-different-test-post/', $relative_link );
    288288    }
     289
     290    /**
     291     * @ticket 30910
     292     */
     293    public function test_get_permalink_should_not_reveal_post_name_for_post_with_post_status_future() {
     294        update_option( 'permalink_structure','/%year%/%monthnum%/%day%/%postname%/' );
     295
     296        flush_rewrite_rules();
     297
     298        $p = $this->factory->post->create( array(
     299            'post_status' => 'publish',
     300            'post_date'   => strftime( '%Y-%m-%d %H:%M:%S', strtotime( '+1 day' ) )
     301        ) );
     302
     303        $non_pretty_permalink = add_query_arg( 'p', $p, trailingslashit( home_url() ) );
     304
     305        $this->assertEquals( $non_pretty_permalink, get_permalink( $p ) );
     306    }
     307
     308    /**
     309     * @ticket 30910
     310     */
     311    public function test_get_permalink_should_not_reveal_post_name_for_cpt_with_post_status_future() {
     312        update_option( 'permalink_structure','/%year%/%monthnum%/%day%/%postname%/' );
     313
     314        register_post_type( 'wptests_pt', array( 'public' => true ) );
     315
     316        flush_rewrite_rules();
     317
     318        $p = $this->factory->post->create( array(
     319            'post_status' => 'future',
     320            'post_type'   => 'wptests_pt',
     321            'post_date'   => strftime( '%Y-%m-%d %H:%M:%S', strtotime( '+1 day' ) )
     322        ) );
     323
     324        $non_pretty_permalink = add_query_arg( array(
     325            'post_type' => 'wptests_pt',
     326            'p' => $p,
     327        ), trailingslashit( home_url() ) );
     328
     329        $this->assertEquals( $non_pretty_permalink, get_permalink( $p ) );
     330    }
    289331}
  • trunk/tests/phpunit/tests/query/postStatus.php

    r31047 r31114  
    196196            'posts_per_page' => -1,
    197197        ) );
    198 global $wpdb;
    199 //print_r( $wpdb->get_results( "SELECT * FROM $wpdb->posts" ) );
     198
    200199        $this->assertContains( self::$author_privatefoo_post, wp_list_pluck( $q->posts, 'ID' ) );
    201200        $this->assertContains( self::$editor_privatefoo_post, wp_list_pluck( $q->posts, 'ID' ) );
Note: See TracChangeset for help on using the changeset viewer.