#24884 closed defect (bug) (fixed)
WP_Query's "m" parameter is cast to an int which is a problem due to 32-bit signed intergers
Reported by: | Viper007Bond | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.7 | Priority: | normal |
Severity: | normal | Version: | 3.5.2 |
Component: | Query | Keywords: | has-patch |
Focuses: | Cc: |
Description (last modified by )
WP_Query
's m
parameter accepts MySQL datetimes basically. These values can be up to 14 characters long (YYYYMMDDHHMMSS). For the long values, you end up with 2147483647 when the passed value is run through absint()
. While in the process of being used to create a query, it is further validated by being run through preg_replace( '|[^0-9]|', '', $q['m'] )
which makes the integer casting redundant.
Attached is a patch that fixes this issue by just using regex to validate the value.
I discovered this while writing unit tests for #18694 and with the patch on this ticket applied, the unit tests now work as expected. This is another case of unit tests saving the day! :)
Attachments (1)
Change History (7)
Note: See
TracTickets for help on using
tickets.
Yep.