Make WordPress Core

Opened 4 years ago

Last modified 3 years ago

#50894 reviewing defect (bug)

Replicate default behaviour for Custom taxonomies while creating/updating a post.

Reported by: shashwatmittal's profile shashwatmittal Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.4.2
Component: Taxonomy Keywords: has-patch
Focuses: Cc:

Description

Generally when creating/updating a post, while inserting the default taxonomies, there is a check to ensure that the taxonomy is associated with the given post type.
But the same doesn't applies with custom taxonomies. In case the data is passed, and the taxonomies is not associated with the passed post type, it still gets added. We should add a check for the same.

if ( ! empty( $postarr['tax_input'] ) ) {
		foreach ( $postarr['tax_input'] as $taxonomy => $tags ) {
			$taxonomy_obj = get_taxonomy( $taxonomy );

			if ( ! $taxonomy_obj ) {
				/* translators: %s: Taxonomy name. */
				_doing_it_wrong( __FUNCTION__, sprintf( __( 'Invalid taxonomy: %s.' ), $taxonomy ), '4.4.0' );
				continue;
			}

			// array = hierarchical, string = non-hierarchical.
			if ( is_array( $tags ) ) {
				$tags = array_filter( $tags );
			}

			if ( current_user_can( $taxonomy_obj->cap->assign_terms ) ) {
				wp_set_post_terms( $post_ID, $tags, $taxonomy );
			}
		}
	}

The above code should check if the taxonomy passed in the tax_input exists for current post type or not.

Change History (6)

This ticket was mentioned in PR #464 on WordPress/wordpress-develop by ShashwatMittal.


4 years ago
#1

  • Keywords has-patch added; needs-patch removed

Add a check before inserting custom taxonomies to post type. Checks if the custom taxonomy is associated with the post or not before inserting. The same things happens for default taxonomies already.

Trac ticket: https://core.trac.wordpress.org/ticket/50894

This ticket was mentioned in Slack in #core by shashwatmittal. View the logs.


4 years ago

#3 @SergeyBiryukov
4 years ago

  • Milestone changed from Awaiting Review to 5.6
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

This ticket was mentioned in Slack in #core by helen. View the logs.


3 years ago

#5 @helen
3 years ago

  • Milestone changed from 5.6 to Awaiting Review

Because this is WordPress, I have a feeling there are probably people assigning terms to post types relying on exactly this lack of checking. I don't really have a strong opinion on whether we should change that, certainly technically it seems more correct. What I do know right this moment is that we are in beta 3 for 5.6 and I bet this will break somebody's custom code if not a distributed plugin. Would love some more opinions here from folks on whether we should make this change given what I understand to be potential implications.

#6 @shashwatmittal
3 years ago

@helen @SergeyBiryukov
I would like to advocate to include this in the next coming release. The reason for this is people might be using this unknowingly and that might be leading to some confusing data. Reason being, the custom taxonomy itself, which is not even associated to the post type itself, is getting a term assigned to it. I don't think there would be a use case where someone has not registered a specific custom taxonomy to a post type and is trying to assign some terms from that taxonomy to that post type. Let me know what you think about it.

Note: See TracTickets for help on using tickets.