Opened 12 years ago
Closed 11 years ago
#23668 closed defect (bug) (fixed)
Check for empty slug input in register_taxonomy
Reported by: | cliffseal | Owned by: | wonderboymusic |
---|---|---|---|
Milestone: | 3.7 | Priority: | normal |
Severity: | normal | Version: | 3.5.1 |
Component: | Taxonomy | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
If you give an empty string for the slug
part of the rewrite
array in a register_taxonomy
call, like:
'rewrite' => array( 'slug' => '' )
...you get some wacky permalink issues, even when you flush properly. In my case, I was seeing top-level pages (only) 404 while everything else worked. Removing this admittedly poor part of the code fixed it, but this should be checked for. The register_post_type
function ensures this isn't empty, and this function should as well.
Attachments (6)
Change History (35)
#1
@
12 years ago
- Milestone changed from Awaiting Review to 3.6
This would be consistent with [17298].
#3
follow-up:
↓ 4
@
12 years ago
Looks like emptytax.diff is missing sanitize_title_with_dashes()
. See 23668.patch.
register_post_type()
, on the other hand, uses sanitize_key()
:
http://core.trac.wordpress.org/browser/tags/3.5.1/wp-includes/post.php#L1234
#4
in reply to:
↑ 3
;
follow-up:
↓ 5
@
12 years ago
Replying to SergeyBiryukov:
Looks like emptytax.diff is missing
sanitize_title_with_dashes()
. See 23668.patch.
I'm not sure I understand. It runs sanitize_title_with_dashes()
in the next line in the wp_parse_args()
call.
#5
in reply to:
↑ 4
;
follow-up:
↓ 6
@
12 years ago
Replying to cliffseal:
Replying to SergeyBiryukov:
Looks like emptytax.diff is missing
sanitize_title_with_dashes()
. See 23668.patch.
I'm not sure I understand. It runs
sanitize_title_with_dashes()
in the next line in thewp_parse_args()
call.
wp_parse_args favors the values in the first argument - so in emptytax.diff the sanitize_title_with_dashes would have no affect, since the array value of the first argument would be favored, which would be the (potentially) unsanitized $taxonomy string.
#6
in reply to:
↑ 5
@
12 years ago
Replying to ericlewis:
wp_parse_args favors the values in the first argument - so in emptytax.diff the sanitize_title_with_dashes would have no affect, since the array value of the first argument would be favored, which would be the (potentially) unsanitized $taxonomy string.
Interesting. Thanks, @ericlewis!
#7
@
11 years ago
- Milestone changed from 3.6 to Future Release
Seems like a good fix, but low priority. Punting to 3.7.
#8
@
11 years ago
- Keywords dev-feedback needs-testing removed
Tested against trunk rev 24833, and it works great - good work Cliff + Eric!
#12
@
11 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
I don't see any functionality changes in [25130].
#14
@
11 years ago
Line 350 is the same as line 351 in the earlier revision, it's just whitespace fixes.
#17
@
11 years ago
- Owner set to wonderboymusic
- Resolution set to fixed
- Status changed from reopened to closed
In 25335:
#18
@
11 years ago
- Keywords needs-patch added; has-patch commit removed
- Resolution fixed deleted
- Status changed from closed to reopened
I don't think [25335] needs a revert, but the use of wp_parse_args() there means a query string is valid, so it needs an adjustment. I am fine with actually converting this to array_merge()* and removing the parse_str, but either way, we should try to avoid what we're doing.
*Keeping in mind that the arguments would also need to be flipped.
#19
@
11 years ago
[25335] causes a Warning and Notice all over front-end and back-end (using PHP 5.3.8):
Warning: Cannot use a scalar value as an array in \WordpressTrunk\wp-includes\taxonomy.php on line 356
Notice: Undefined index: slug in \WordpressTrunk\wp-includes\taxonomy.php on line 369
#20
@
11 years ago
Seems like 23668.3.patch should fix the warning introduced in [25335], unless I'm missing something.
We should actually check if $args['rewrite']['slug']
is set and empty since the wp_parse_args()
call will only assign $args['rewrite']
a value of true
if unspecified.
#22
follow-up:
↓ 23
@
11 years ago
Why are we referring to 'post type key' and 'taxonomy key' in the docblocks instead of 'post type name' and 'taxonomy name'? (Tthe latter was changed in r25130.)
#23
in reply to:
↑ 22
@
11 years ago
Replying to johnbillion:
Why are we referring to 'post type key' and 'taxonomy key' in the docblocks instead of 'post type name' and 'taxonomy name'? (Tthe latter was changed in r25130.)
"Post type key" was originally introduced in [20734]. #25150 would be a better ticket for this question.
#24
@
11 years ago
I do have to mention, that if someone had their register_taxonomy call with
array( 'rewrite' => 'with_front=0&slug=something', // or slug=something, etc. ... )
That code will now be broken, which was what nacin was alluding to in comment:18, and jond3r in comment:19 appears to be using.
An alternative to this would've been either
if ( is_array( $args['rewrite'] ) && empty( $args['rewrite']['slug'] ) ) unset( $args['rewrite']['slug'] );
or
$default_slug = sanitize_title_with_dashes( $taxonomy ); wp_parse_args(.. $default_slug..) if ( empty( $args['rewrite']['slug'] ) ) $args['rewrite']['slug'] = $default_slug;
#25
follow-up:
↓ 27
@
11 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
Technically, $args['rewrite']
should only be an array or a boolean value, but a string indeed would have worked too, and I guess we shouldn't break that.
23668.4.patch restores wp_parse_args()
and moves it above the slug assignment to make sure $args['rewrite']
is an array before treating it as such.
#27
in reply to:
↑ 25
;
follow-up:
↓ 28
@
11 years ago
Replying to SergeyBiryukov:
Technically,
$args['rewrite']
should only be an array or a boolean value, but a string indeed would have worked too, and I guess we shouldn't break that.
For the record, I don't mind breaking that.
#28
in reply to:
↑ 27
@
11 years ago
Replying to nacin:
Replying to SergeyBiryukov:
Technically,
$args['rewrite']
should only be an array or a boolean value, but a string indeed would have worked too, and I guess we shouldn't break that.
For the record, I don't mind breaking that.
And it wouldn't work anyway. This would only work if someone passed $args as an array but $args['rewrite']
as a query string. I believe the technical term for that is "stupid".
Check for empty string in slug