Opened 6 years ago
Last modified 6 years ago
#44510 new defect (bug)
count_user_posts() does not check for empty $userid
Reported by: | Ste_95 | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | Users | Keywords: | has-patch |
Focuses: | Cc: |
Description
If count_user_posts()
is called with a NULL
$userid
, it will return the total count of all site posts, rather than 0 or some error.
I think this should not be expected behavior and we should bail early if $userid
is NULL
. This happens because get_posts_by_author_sql()
then ignores the $userid
arg if it is NULL.
https://core.trac.wordpress.org/browser/tags/4.9.6/src/wp-includes/user.php#L347
Attachments (3)
Change History (6)
Note: See
TracTickets for help on using
tickets.
I think this is solution