PHP notices and invalid "View Post" link on edit-comments.php when post type does not exist

[boonebgorges]

Steps to reproduce:

1. Register a custom post type
2. Create a post
3. Create a comment on that post
4. Stop registering the post type
5. Visit wp-admin/edit-comments.php

The markup built in WP_Comments_List_Table::column_response() for the "In Response To" column requires a valid post permalink, as well as the post type label corresponding to "View Post". Since permalinks to non-existent CPT objects cannot be valid, and since non-existent CPTs don't have any post type labels, it seems to me that we can probably bail out of this method early if the post type doesn't exist.

Similarly, column_date() probably shouldn't attempt to link to the post if the post type doesn't exist.

[boonebgorges]

36058.diff​ is a suggested fix. It changes both the In Response To and Submitted On columns to plain, unlinked text when the post type doesn't exist.

[SergeyBiryukov]

Is it different from #34918? :) Previously: #16956.

[boonebgorges]

Replying to SergeyBiryukov:

Is it different from #34918? :) Previously: #16956.

Yeah - #34918 and #16956 are about cap checks specifically, which, in addition to PHP notices and the like, can lead to privilege escalation in certain cases.

The current ticket is about whether various bits of the comment UX should be linked to the post permalink, when the post permalink can necessarily never be visited.

If we decide, as per #34918, that comments from non-existent post types should never be shown anywhere, then it will solve the current problem :) But if we decide to keep the rows, then we should fix/remove the links.

[rachelbaker]

Related: #35279 - where the comment_date doesn't link to the post if the comment_post_ID = 0, should also check that the post exists.

[rachelbaker]

Punting back out to Future Release

[ocean90]

#40684 was marked as a duplicate.

[sebastian.pisula]

Refresh path