Make WordPress Core

Changeset 53771


Ignore:
Timestamp:
07/24/2022 01:24:44 PM (3 years ago)
Author:
SergeyBiryukov
Message:

Posts, Post Types: Check if the post type exists in wp_insert_post().

This avoids an Attempt to read property "cap" on null PHP warning when checking an unregistered post type's publish_posts capability to disallow contributors setting the post slug for pending posts.

Follow-up to [9055], [42380].

Props Chouby, mukesh27, rafiahmedd, SergeyBiryukov.
Fixes #55877.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/post.php

    r53751 r53771  
    41604160     * For new posts check the primitive capability, for updates check the meta capability.
    41614161     */
    4162     $post_type_object = get_post_type_object( $post_type );
    4163 
    4164     if ( ! $update && 'pending' === $post_status && ! current_user_can( $post_type_object->cap->publish_posts ) ) {
    4165         $post_name = '';
    4166     } elseif ( $update && 'pending' === $post_status && ! current_user_can( 'publish_post', $post_ID ) ) {
    4167         $post_name = '';
     4162    if ( 'pending' === $post_status ) {
     4163        $post_type_object = get_post_type_object( $post_type );
     4164
     4165        if ( ! $update && $post_type_object && ! current_user_can( $post_type_object->cap->publish_posts ) ) {
     4166            $post_name = '';
     4167        } elseif ( $update && ! current_user_can( 'publish_post', $post_ID ) ) {
     4168            $post_name = '';
     4169        }
    41684170    }
    41694171
  • trunk/tests/phpunit/tests/post.php

    r53559 r53771  
    503503
    504504    /**
     505     * @ticket 55877
     506     * @covers ::wp_insert_post
     507     */
     508    public function test_wp_insert_post_should_not_trigger_warning_for_pending_posts_with_unknown_cpt() {
     509        $post_id = wp_insert_post(
     510            array(
     511                'post_title'  => 'title',
     512                'post_type'   => 'unknown',
     513                'post_status' => 'pending',
     514            )
     515        );
     516
     517        $this->assertIsNumeric( $post_id );
     518        $this->assertGreaterThan( 0, $post_id );
     519    }
     520
     521    /**
    505522     * @ticket 20451
    506523     */
Note: See TracChangeset for help on using the changeset viewer.