Make WordPress Core

Changeset 38787


Ignore:
Timestamp:
10/14/2016 12:04:50 PM (7 years ago)
Author:
johnbillion
Message:

Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name.

Props procodewp, choongsavvii
Fixes #38234

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/user.php

    r38705 r38787  
    24412441
    24422442    $prefix = $wpdb->get_blog_prefix();
    2443     $regex  = implode( '|', wp_roles()->get_names() );
     2443    $regex  = implode( '|', array_keys( wp_roles()->get_names() ) );
    24442444    $regex  = preg_replace( '/[^a-zA-Z_\|-]/', '', $regex );
    24452445    $users  = $wpdb->get_col( $wpdb->prepare( "
  • trunk/tests/phpunit/tests/user/wpGetUsersWithNoRole.php

    r35242 r38787  
    8282    }
    8383
     84    /**
     85     * Role comparison must be done on role name, not role display name.
     86     *
     87     * @ticket 38234
     88     */
     89    public function test_get_users_with_no_role_matches_on_role_name() {
     90        // Create a role with a display name which would not match the role name
     91        // in a case-insentive SQL query.
     92        wp_roles()->add_role( 'somerole', 'Some role display name' );
     93
     94        $someuser = self::factory()->user->create( array(
     95            'role' => 'somerole',
     96        ) );
     97
     98        $users = wp_get_users_with_no_role();
     99
     100        wp_roles()->remove_role( 'somerole' );
     101
     102        $this->assertEmpty( $users );
     103    }
     104
    84105}
Note: See TracChangeset for help on using the changeset viewer.