Make WordPress Core

Changeset 50935


Ignore:
Timestamp:
05/19/2021 10:10:58 PM (3 years ago)
Author:
SergeyBiryukov
Message:

General: Ensure consistent type for integer properties of WP_Post, WP_Term, and WP_User.

Previously, these properties could be unexpectedly converted to strings in some contexts.

This applies to the following functions:

  • sanitize_post_field()
  • sanitize_term_field()
  • sanitize_user_field()

and the following properties:

  • WP_Post::ID
  • WP_Post::post_parent
  • WP_Post::menu_order
  • WP_Term::term_id
  • WP_Term::term_taxonomy_id
  • WP_Term::parent
  • WP_Term::count
  • WP_Term::term_group
  • WP_User::ID

Props grantmkin, SergeyBiryukov.
Fixes #53235. See #52995.

Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/post.php

    r50835 r50935  
    26342634    }
    26352635
     2636    // Restore the type for integer fields after esc_attr().
     2637    if ( in_array( $field, $int_fields, true ) ) {
     2638        $value = (int) $value;
     2639    }
     2640
    26362641    return $value;
    26372642}
  • trunk/src/wp-includes/taxonomy.php

    r50828 r50935  
    17611761        $value = esc_js( $value );
    17621762    }
     1763
     1764    // Restore the type for integer fields after esc_attr().
     1765    if ( in_array( $field, $int_fields, true ) ) {
     1766        $value = (int) $value;
     1767    }
     1768
    17631769    return $value;
    17641770}
  • trunk/src/wp-includes/user.php

    r50916 r50935  
    15311531        $value = esc_js( $value );
    15321532    }
     1533
     1534    // Restore the type for integer fields after esc_attr().
     1535    if ( in_array( $field, $int_fields, true ) ) {
     1536        $value = (int) $value;
     1537    }
     1538
    15331539    return $value;
    15341540}
  • trunk/tests/phpunit/tests/post/objects.php

    r48937 r50935  
    185185    }
    186186
     187    /**
     188     * @ticket 53235
     189     */
     190    public function test_numeric_properties_should_be_cast_to_ints() {
     191        $post_id  = self::factory()->post->create();
     192        $contexts = array( 'raw', 'edit', 'db', 'display', 'attribute', 'js' );
     193
     194        foreach ( $contexts as $context ) {
     195            $post = get_post( $post_id, OBJECT, $context );
     196
     197            $this->assertInternalType( 'int', $post->ID );
     198            $this->assertInternalType( 'int', $post->post_parent );
     199            $this->assertInternalType( 'int', $post->menu_order );
     200        }
     201    }
     202
    187203    function test_get_post_identity() {
    188204        $post = get_post( self::factory()->post->create() );
  • trunk/tests/phpunit/tests/term/getTerm.php

    r50926 r50935  
    125125    /**
    126126     * @ticket 14162
     127     * @ticket 53235
    127128     */
    128129    public function test_numeric_properties_should_be_cast_to_ints() {
     
    134135        $term_data = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->terms t JOIN $wpdb->term_taxonomy tt ON ( t.term_id = tt.term_id ) WHERE t.term_id = %d", $t ) );
    135136
    136         $found = get_term( $term_data );
    137 
    138         $this->assertInstanceOf( 'WP_Term', $found );
    139         $this->assertInternalType( 'int', $found->term_id );
    140         $this->assertInternalType( 'int', $found->term_taxonomy_id );
    141         $this->assertInternalType( 'int', $found->parent );
    142         $this->assertInternalType( 'int', $found->count );
    143         $this->assertInternalType( 'int', $found->term_group );
     137        $contexts = array( 'raw', 'edit', 'db', 'display', 'rss', 'attribute', 'js' );
     138
     139        foreach ( $contexts as $context ) {
     140            $found = get_term( $term_data, '', OBJECT, $context );
     141
     142            $this->assertInstanceOf( 'WP_Term', $found );
     143            $this->assertInternalType( 'int', $found->term_id );
     144            $this->assertInternalType( 'int', $found->term_taxonomy_id );
     145            $this->assertInternalType( 'int', $found->parent );
     146            $this->assertInternalType( 'int', $found->count );
     147            $this->assertInternalType( 'int', $found->term_group );
     148        }
    144149    }
    145150
  • trunk/tests/phpunit/tests/user.php

    r49757 r50935  
    203203        foreach ( get_object_vars( $user ) as $key => $value ) {
    204204            $this->assertSame( $value, $user->$key );
     205        }
     206    }
     207
     208    /**
     209     * @ticket 53235
     210     */
     211    public function test_numeric_properties_should_be_cast_to_ints() {
     212        $user     = new WP_User( self::$author_id );
     213        $contexts = array( 'raw', 'edit', 'db', 'display', 'attribute', 'js' );
     214
     215        foreach ( $contexts as $context ) {
     216            $user->filter = $context;
     217            $user->init( $user->data );
     218
     219            $this->assertInternalType( 'int', $user->ID );
    205220        }
    206221    }
Note: See TracChangeset for help on using the changeset viewer.