#34844 closed defect (bug) (duplicate)
Primary network site loads with any arbitrary path on sub-folder networks
Reported by: | mordauk | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.4 |
Component: | Networks and Sites | Keywords: | has-patch needs-testing reporter-feedback |
Focuses: | multisite | Cc: |
Description (last modified by )
Take this example:
- Network install with subfolders
- Primary site is /
- Any number of sites in the network
On some server setups (including WordPress.org itself), if you navigate to site.com/a-non-registered-site-path
the primary site is loaded, whereas the expected behavior is for a site not found
error.
Screenshot of network admin at site.com/
:
Screenshot of network admin at site.com/a-non-registered-site-path
:
This happens because $paths
in get_site_by_path()
includes both a-non-registered-site-path
and /
as allowed paths which are then used for the IN
statement of the SQL to find the current site:
$sql = $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s", $domains[0] ); $sql .= " AND path IN ($search_paths) ORDER BY CHAR_LENGTH(path) DESC LIMIT 1"; $site = $wpdb->get_row( $sql );
I've managed to fix the issue by only adding /
to $paths
if $paths
is empty.
I found a related discussion in #31507 and some related comments in #27003 where get_site_by_path()
was first introduced but none of them quite address this issue.
Attachments (1)
Change History (6)
#3
@
9 years ago
Thanks for the patch @mordauk. I have a feeling this is a duplicate of #17376. In one of the later comments, I laid out a series of URLs and expectations, but left out any network admin URLs. I'm guessing they act the same.
Can you check that out and confirm?
Any more details on what's necessary server-wise to replicate for testing?