Make WordPress Core

Changeset 31458


Ignore:
Timestamp:
02/14/2015 02:08:46 AM (10 years ago)
Author:
boonebgorges
Message:

More careful type conversion in WP_Query is_*() methods.

is_array( 1, '1-foo' ) returns true, which means that is_page( 1 )
was returning true when on a page with the slug '1-foo'. We avoid this odd
behavior by casting the queried object ID to a string before testing against
the value passed to the conditional function.

This also helps to avoid a problem where an arbitrary value for $page would
cause is_page( $page ) to return true if the query had been manipulated by
a plugin to show that the current page's ID is 0.

Props boonebgorges, r-a-y, nunomorgadinho, wonderboymusic, clifgriffin.
Fixes #24674.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/query.php

    r31366 r31458  
    40784078        $post_obj = $this->get_queried_object();
    40794079
    4080         if ( in_array( $post_obj->ID, $attachment ) ) {
     4080        if ( in_array( (string) $post_obj->ID, $attachment ) ) {
    40814081            return true;
    40824082        } elseif ( in_array( $post_obj->post_title, $attachment ) ) {
     
    41104110        $author = (array) $author;
    41114111
    4112         if ( in_array( $author_obj->ID, $author ) )
     4112        if ( in_array( (string) $author_obj->ID, $author ) )
    41134113            return true;
    41144114        elseif ( in_array( $author_obj->nickname, $author ) )
     
    41424142        $category = (array) $category;
    41434143
    4144         if ( in_array( $cat_obj->term_id, $category ) )
     4144        if ( in_array( (string) $cat_obj->term_id, $category ) )
    41454145            return true;
    41464146        elseif ( in_array( $cat_obj->name, $category ) )
     
    41744174        $tag = (array) $tag;
    41754175
    4176         if ( in_array( $tag_obj->term_id, $tag ) )
     4176        if ( in_array( (string) $tag_obj->term_id, $tag ) )
    41774177            return true;
    41784178        elseif ( in_array( $tag_obj->name, $tag ) )
     
    43714371        $page = (array) $page;
    43724372
    4373         if ( in_array( $page_obj->ID, $page ) ) {
     4373        if ( in_array( (string) $page_obj->ID, $page ) ) {
    43744374            return true;
    43754375        } elseif ( in_array( $page_obj->post_title, $page ) ) {
     
    44644464        $post = (array) $post;
    44654465
    4466         if ( in_array( $post_obj->ID, $post ) ) {
     4466        if ( in_array( (string) $post_obj->ID, $post ) ) {
    44674467            return true;
    44684468        } elseif ( in_array( $post_obj->post_title, $post ) ) {
  • trunk/tests/phpunit/tests/query/conditionals.php

    r29932 r31458  
    743743    }
    744744
     745    /**
     746     * @ticket 24674
     747     */
     748    public function test_is_single_with_slug_that_begins_with_a_number_that_clashes_with_another_post_id() {
     749        $p1 = $this->factory->post->create();
     750
     751        $p2_name = $p1 . '-post';
     752        $p2 = $this->factory->post->create( array(
     753            'slug' => $p2_name,
     754        ) );
     755
     756        $this->go_to( "/?p=$p1" );
     757
     758        $q = $GLOBALS['wp_query'];
     759
     760        $this->assertTrue( $q->is_single() );
     761        $this->assertTrue( $q->is_single( $p1 ) );
     762        $this->assertFalse( $q->is_single( $p2_name ) );
     763        $this->assertFalse( $q->is_single( $p2 ) );
     764    }
     765
    745766    function test_is_page() {
    746767        $post_id = $this->factory->post->create( array( 'post_type' => 'page' ) );
     
    810831        $this->assertTrue( is_attachment( $post->post_name ) );
    811832    }
     833
     834    /**
     835     * @ticket 24674
     836     */
     837    public function test_is_attachment_with_slug_that_begins_with_a_number_that_clashes_with_a_page_ID() {
     838        $p1 = $this->factory->post->create( array( 'post_type' => 'attachment' ) );
     839
     840        $p2_name = $p1 . '-attachment';
     841        $p2 = $this->factory->post->create( array(
     842            'post_type' => 'attachment',
     843            'post_name' => $p2_name,
     844        ) );
     845
     846        $this->go_to( "/?attachment_id=$p1" );
     847
     848        $q = $GLOBALS['wp_query'];
     849
     850        $this->assertTrue( $q->is_attachment() );
     851        $this->assertTrue( $q->is_attachment( $p1 ) );
     852        $this->assertFalse( $q->is_attachment( $p2_name ) );
     853        $this->assertFalse( $q->is_attachment( $p2 ) );
     854    }
     855
     856    /**
     857     * @ticket 24674
     858     */
     859    public function test_is_author_with_nicename_that_begins_with_a_number_that_clashes_with_another_author_id() {
     860        $u1 = $this->factory->user->create();
     861
     862        $u2_name = $u1 . '_user';
     863        $u2 = $this->factory->user->create( array(
     864            'user_nicename' => $u2_name,
     865        ) );
     866
     867        $this->go_to( "/?author=$u1" );
     868
     869        $q = $GLOBALS['wp_query'];
     870
     871        $this->assertTrue( $q->is_author() );
     872        $this->assertTrue( $q->is_author( $u1 ) );
     873        $this->assertFalse( $q->is_author( $u2_name ) );
     874        $this->assertFalse( $q->is_author( $u2 ) );
     875    }
     876
     877    /**
     878     * @ticket 24674
     879     */
     880    public function test_is_category_with_slug_that_begins_with_a_number_that_clashes_with_another_category_id() {
     881        $c1 = $this->factory->category->create();
     882
     883        $c2_name = $c1 . '-category';
     884        $c2 = $this->factory->category->create( array(
     885            'slug' => $c2_name,
     886        ) );
     887
     888        $this->go_to( "/?cat=$c1" );
     889
     890        $q = $GLOBALS['wp_query'];
     891
     892        $this->assertTrue( $q->is_category() );
     893        $this->assertTrue( $q->is_category( $c1 ) );
     894        $this->assertFalse( $q->is_category( $c2_name ) );
     895        $this->assertFalse( $q->is_category( $c2 ) );
     896    }
     897
     898    /**
     899     * @ticket 24674
     900     */
     901    public function test_is_tag_with_slug_that_begins_with_a_number_that_clashes_with_another_tag_id() {
     902        $t1 = $this->factory->tag->create();
     903
     904        $t2_name = $t1 . '-tag';
     905        $t2 = $this->factory->tag->create( array(
     906            'slug' => $t2_name,
     907        ) );
     908
     909        $this->go_to( "/?tag_id=$t1" );
     910
     911        $q = $GLOBALS['wp_query'];
     912
     913        $this->assertTrue( $q->is_tag() );
     914        $this->assertTrue( $q->is_tag( $t1 ) );
     915        $this->assertFalse( $q->is_tag( $t2_name ) );
     916        $this->assertFalse( $q->is_tag( $t2 ) );
     917    }
     918
     919    /**
     920     * @ticket 24674
     921     */
     922    public function test_is_page_with_page_id_zero_and_random_page_slug() {
     923        $post_id = $this->factory->post->create( array( 'post_type' => 'page' ) );
     924        $this->go_to( "/?page_id=$post_id" );
     925
     926        // override post ID to 0 temporarily for testing
     927        $_id = $GLOBALS['wp_query']->post->ID;
     928        $GLOBALS['wp_query']->post->ID = 0;
     929
     930        $post = get_queried_object();
     931        $q = $GLOBALS['wp_query'];
     932
     933        $this->assertTrue( $q->is_page() );
     934        $this->assertFalse( $q->is_page( 'sample-page' ) );
     935        $this->assertFalse( $q->is_page( 'random-page-slug' ) );
     936
     937        // revert $wp_query global change
     938        $GLOBALS['wp_query']->post->ID = $_id;
     939    }
     940
     941    /**
     942     * @ticket 24674
     943     */
     944    public function test_is_page_with_page_slug_that_begins_with_a_number_that_clashes_with_a_page_ID() {
     945        $p1 = $this->factory->post->create( array( 'post_type' => 'page' ) );
     946
     947        $p2_name = $p1 . '-page';
     948        $p2 = $this->factory->post->create( array(
     949            'post_type' => 'page',
     950            'post_name' => $p2_name,
     951        ) );
     952
     953        $this->go_to( "/?page_id=$p1" );
     954
     955        $q = $GLOBALS['wp_query'];
     956
     957        $this->assertTrue( $q->is_page() );
     958        $this->assertTrue( $q->is_page( $p1 ) );
     959        $this->assertFalse( $q->is_page( $p2_name ) );
     960        $this->assertFalse( $q->is_page( $p2 ) );
     961    }
    812962}
Note: See TracChangeset for help on using the changeset viewer.