Opened 3 years ago
Closed 2 years ago
#18068 closed defect (bug) (fixed)
wp_list_bookmarks orderby broke in WP 3.1.4 (submiting per Per Andrew Nacin)
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | 3.3 | Priority: | normal |
| Severity: | major | Version: | 3.1.4 |
| Component: | Template | Keywords: | has-patch |
| Focuses: | Cc: |
Description (last modified by scribu)
From: Andrew Nacin <nacin@…>
Date: July 11, 2011 11:16:52 AM EDT
To: Doug Foster <doug@…>
Subject: Re: if/how I should submit/track orderby bug in wp_list_bookmarks()?
Hi Doug,
Please submit a report here: http://core.trac.wordpress.org. As soon as possible today would be great for our timelines.
Andrew
On Mon, Jul 11, 2011 at 11:12 AM, Doug Foster <doug@…> wrote:
Hi Andrew,
I wanted to check back and ask if/how I should submit this as a bug and track it. What would you suggest?
Thanks!
Doug
On Jul 1, 2011, at 12:38 PM, Doug Foster wrote:
Hi Andrew,
...
The Codex (http://codex.wordpress.org/Function_Reference/wp_list_bookmarks) implies you would use "id" vs. the database field "link_id" as you mention, but in my searching I also found this kinda related issue (http://wordpress.org/support/topic/problem-with-orderby-in-wp_list_bookmarks).
You're right about the approach I took or My Link Order takes, but if you want to order links (a very reasonable thing to do) it looks like it is a common practice, and the Codex implies it is (or should be) a workable option. I guess the real question is a clean way to do it, literally like a sort-order field. And a Codex page that matches the functionality.
I'll try using link_id and deleting all the links and then re-entering those. Bummer, for my site and the ones I support that's gonna take some time.
...
Doug
On Jul 1, 2011, at 12:07 PM, Andrew Nacin wrote:
Hi Doug,
We couldn't have predicted that one, that's for sure. Orderby options weren't removed as much as they were whitelisted. Nearly every field remains sortable, but notes is a text field, so we couldn't have expected anyone to be ordering by that. (In fact, ordering by MySQL TEXT fields is pretty much a no-no.)
orderby=id didn't appear to have ever worked, but orderby=link_id works fine.
My Link Order adds a new column to the database. Ugly. Unfortunately there's no easy way to fix that from our end. But I'll take a look.
Andrew
On Fri, Jul 1, 2011 at 12:00 PM, Doug Foster <doug@…> wrote:
Hi Andrew,
...
Upgrading from WP 3.1.3 to 3.1.4 broke the ability to sort links by notes using wp_list_bookmarks orderby=notes (I assume the same holds true for get_bookmarks too).
I found this post (http://wordpress.org/support/topic/plugin-my-link-order-wordpress-update-broke-my-order).
Reading this (http://permalink.gmane.org/gmane.comp.security.full-disclosure/80532) makes me think some of the orderby options were removed to address this threat.
It does seem that (other than name) rating still works, but that appears to be the only one. For a while I thought it was just that you could not orderby any field with a varchar type, but it appears that even orderby=id (which is bigint(20) type) doesn't work.
So, if you have many links (like I do on http://theideamechanic.com) – and used to orderby=notes – you're left looking for a work around:
I could put a number in the name but that looks ugly and hacky
I could use rating but you're limited to 10 links (I have more in my "Getting Started" category
I could write a query to pull links direct from the database, but that kinda defeats the abstraction of having the wp_list_bookmarks template tag.
Just wondering if this bug is going to get attention?
It seems several users have been using links notes for arbitrary sorting of links when displaying, and that got broken in 3.1.4, perhaps in response to the security issue mentioned by Doug.
The mod was in get_bookmarks and effectively filters out notes from a small list of allowed sort options. Unfortunately this removes the ability for arbitrary sorting.
I see three options, but I'm not a WP boffin, so don't know all the ins and outs of the suggestions:
1) restore the use of notes for orderby in get_bookmarks, maybe with some smarts to improve the security. This could be as simple as adding notes to the list of allowed fields when processing the orderby argument in get_bookmarks
2) add new (numeric) sorting attribute to links and add some new functionality to get_bookmarks to allow sorting by this new attribute. (requires update of database version)
3) expand the number of levels in link_rating (drop down list would no longer be practical).
There are no real workarounds apart from using link_id, which makes arbitrary sorting tedious to the extreme, and is just as bad a double-use of a field as using link_notes.
Doug, a quick and dirty fix (unofficial stab at option 1) is suggested by me at http://wordpress.org/support/topic/wp-32-wp_list_bookmarks-orderbyid-not-working , but I haven't fully considered the security issue that you mentioned.