#16854 closed enhancement (fixed)
wp_query does not handle multiple exclude author properly
Reported by: | commentluv | Owned by: | wonderboymusic |
---|---|---|---|
Milestone: | 3.7 | Priority: | normal |
Severity: | normal | Version: | 3.1 |
Component: | Query | Keywords: | has-patch 3.5-early |
Focuses: | Cc: |
Description
when making a query with $args containing
'author' => '-2,-3,-4'
line 2008 of wp-includes/query.php only uses 1 element of the array that is created from the
$q['author'] string
$q['author'] = explode('-', $q['author']); $q['author'] = (string)absint($q['author'][1]);
I have attached a patch that works with 1 or more excluded authors
essentially it, implodes the array back into a string of author ID's rather than selecting only element [1] of the exploded array
$q['author'] = explode('-', $q['author']); $q['author'] = implode('',$q['author']);
Attachments (5)
Change History (25)
#1
@
14 years ago
- Keywords has-patch removed
That gleefully opens the door to SQL injections.
Instead of overloading the 'author' query var, I think we shold have author__in
and author__not_in
.
Similar: #13927
#2
@
14 years ago
yes I agree, it was a quick and dirty patch.
I did consider doing an array_walk and absint each of the id's but I figured I would wait until one of the regular wp folks would come up with a better way. and you did! (in minutes flat!) :-)
the author__in
and author_not_in
would make more sense, it would allow and/nots for authors
at the moment, it's " show from everyone except this one" and not able to "show from these but not these"
looking forward to see what happens with it
#3
@
14 years ago
- Keywords has-patch dev-feedback added; needs-patch removed
I ran into this problem myself so I wrote up a patch. It does not add authorin and authornot_in, but it does, in effect, do those things with the 'author' param. See 16854.patch
Essentially, if you pass only '-' values to 'author', a NOT IN query is assembled. If you pass only values without an '-', you get an IN query. If you pass a mix of '-' and non-'-', the '-' values are ignored and you get an IN query (since the NOTs would be redundant anyway).
While I was refactoring, I introduced support for passing an array as well as a string.
#4
@
13 years ago
I got caught by the comma-separated string only (no arrays allowed) issue, heh. It'd be good to introduce author__in
and author__not_in
and make them accept both arrays and strings -- two birds, one stone.
#5
@
13 years ago
- Cc gingerhendrix added
- Version changed from 3.1 to 3.3
Just hoping this bug can get looked at again. It's not fixed in 3.3 beta 2. It's had a patch for 5 months, and it's definitely a significant bug - the codex even has a broken example
http://codex.wordpress.org/Class_Reference/WP_Query#Author_Parameters
$query = new WP_Query( 'author=-12,-34,-56' );
The above example from the docs, is the perfect test case for this bug. More than happy to help if the patch needs updated. I've a manually patched wordpress installation for one of my clients, and I currently need to re-patch every release.
#6
@
13 years ago
- Version changed from 3.3 to 3.1
Version number is used to track when the bug was initially reported.
#12
@
13 years ago
- Cc lol@… added
This one has been bugging me, pollett's code seems like an excellent solution. 3.5 milestone?
#17
@
11 years ago
- Milestone changed from Future Release to 3.7
I really dig this. I rewrote parts of the patch and refreshed others against trunk.
Allows vars like these:
get_posts( array( 'author' => '' ) ); get_posts( array( 'author' => 0 ) ); get_posts( array( 'author' => '0' ) ); get_posts( array( 'author' => 1 ) ); get_posts( array( 'author' => '1,2' ) ); get_posts( array( 'author' => '-1,2' ) ); get_posts( array( 'author' => '1,-2' ) ); get_posts( array( 'author' => '-1,-2' ) ); get_posts( array( 'author__in' => array( 1, 2 ) ) ); get_posts( array( 'author__not_in' => array( 1, 2 ) ) ); get_posts( array( 'author_name' => 'admin' ) ); exit();
patch for wp-includes/query.php for wordpress version 3.1