Opened 9 years ago
Closed 9 years ago
#36718 closed defect (bug) (fixed)
WP_Query::parse_query does not handle the "m" param correctly
Reported by: | vortfu | Owned by: | boonebgorges |
---|---|---|---|
Milestone: | 4.6 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Query | Keywords: | |
Focuses: | Cc: |
Description
The fix for #24884 (in r25138) introduced a bug where WP_Query::parse_query()
allows the m
param to be passed as a non scalar type - leading to a potential SQL query error in WP_Query::get_posts()
.
wp> $q = new WP_Query( [ 'm' => [ 123 ] ] );
wp> $q->get_posts();
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 1689
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 1691
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 1693
Warning: substr() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2627
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2628
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2630
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2632
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2634
Warning: strlen() expects parameter 1 to be string, array given in ./wp-includes/query.php on line 2636
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') ORDER BY' at line 1 for query SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND YEAR(wp_posts.post_date)= AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') ORDER BY wp_posts.post_date DESC LIMIT 0, 10 ...
Thanks for the patch!