Make WordPress Core


Ignore:
Timestamp:
02/14/2015 02:08:46 AM (10 years ago)
Author:
boonebgorges
Message:

More careful type conversion in WP_Query is_*() methods.

is_array( 1, '1-foo' ) returns true, which means that is_page( 1 )
was returning true when on a page with the slug '1-foo'. We avoid this odd
behavior by casting the queried object ID to a string before testing against
the value passed to the conditional function.

This also helps to avoid a problem where an arbitrary value for $page would
cause is_page( $page ) to return true if the query had been manipulated by
a plugin to show that the current page's ID is 0.

Props boonebgorges, r-a-y, nunomorgadinho, wonderboymusic, clifgriffin.
Fixes #24674.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/query.php

    r31366 r31458  
    40784078        $post_obj = $this->get_queried_object();
    40794079
    4080         if ( in_array( $post_obj->ID, $attachment ) ) {
     4080        if ( in_array( (string) $post_obj->ID, $attachment ) ) {
    40814081            return true;
    40824082        } elseif ( in_array( $post_obj->post_title, $attachment ) ) {
     
    41104110        $author = (array) $author;
    41114111
    4112         if ( in_array( $author_obj->ID, $author ) )
     4112        if ( in_array( (string) $author_obj->ID, $author ) )
    41134113            return true;
    41144114        elseif ( in_array( $author_obj->nickname, $author ) )
     
    41424142        $category = (array) $category;
    41434143
    4144         if ( in_array( $cat_obj->term_id, $category ) )
     4144        if ( in_array( (string) $cat_obj->term_id, $category ) )
    41454145            return true;
    41464146        elseif ( in_array( $cat_obj->name, $category ) )
     
    41744174        $tag = (array) $tag;
    41754175
    4176         if ( in_array( $tag_obj->term_id, $tag ) )
     4176        if ( in_array( (string) $tag_obj->term_id, $tag ) )
    41774177            return true;
    41784178        elseif ( in_array( $tag_obj->name, $tag ) )
     
    43714371        $page = (array) $page;
    43724372
    4373         if ( in_array( $page_obj->ID, $page ) ) {
     4373        if ( in_array( (string) $page_obj->ID, $page ) ) {
    43744374            return true;
    43754375        } elseif ( in_array( $page_obj->post_title, $page ) ) {
     
    44644464        $post = (array) $post;
    44654465
    4466         if ( in_array( $post_obj->ID, $post ) ) {
     4466        if ( in_array( (string) $post_obj->ID, $post ) ) {
    44674467            return true;
    44684468        } elseif ( in_array( $post_obj->post_title, $post ) ) {
Note: See TracChangeset for help on using the changeset viewer.