WordPress.org

Make WordPress Core

#23425 closed defect (bug) (duplicate)

PHP warning in WP_Query::get_posts() when url includes ?page[]

Reported by: dave1010 Owned by:
Milestone: Priority: normal
Severity: normal Version: 1.5.1
Component: Query Keywords:
Focuses: Cc:

Description

To reproduce:

  1. Install WordPress (I cloned from https://github.com/WordPress/WordPress, @ [23391])
  2. Go to http://example.com/?page[]

Stack trace:

Warning: trim() expects parameter 1 to be string, array given in /var/www/projects/wordpress/wp-includes/query.php on line 2024
Stack trace:

  1. {main}() /var/www/projects/wordpress/index.php:0
  2. require() /var/www/projects/wordpress/index.php:17
  3. wp() /var/www/projects/wordpress/wp-blog-header.php:14
  4. WP->main() /var/www/projects/wordpress/wp-includes/functions.php:779
  5. WP->query_posts() /var/www/projects/wordpress/wp-includes/class-wp.php:549
  6. WP_Query->query() /var/www/projects/wordpress/wp-includes/class-wp.php:485
  7. WP_Query->get_posts() /var/www/projects/wordpress/wp-includes/query.php:2972
  8. trim() /var/www/projects/wordpress/wp-includes/query.php:2024

Looks like the query var "page" needs sanitizing / casting to string, either with the trim() on line 2024 or before.

Change History (4)

comment:1 dave101015 months ago

Very similar, not sure if it's worth adding a new ticket. Adding ?s[] to the URL gives an error in the same method:

Warning: stripslashes() expects parameter 1 to be string, array given in /var/www/projects/wordpress/wp-includes/query.php on line 2184

There may be other parameters that need sanitising too.

comment:2 mario-siteground15 months ago

Is there any practical reason to use that URL format in a real project? IMO handling this for a use-case that wouldn't exist in practice is unnecessary overhead.

comment:3 mario-siteground15 months ago

also related #23416

Version 0, edited 15 months ago by mario-siteground (next)

comment:4 SergeyBiryukov14 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed
  • Version changed from trunk to 1.5.1

Related: [2535]. Duplicate of #17737.

Note: See TracTickets for help on using tickets.