WordPress.org

Make WordPress Core

Opened 4 months ago

Last modified 3 weeks ago

#50894 reviewing defect (bug)

Replicate default behaviour for Custom taxonomies while creating/updating a post.

Reported by: shashwatmittal Owned by: SergeyBiryukov
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.4.2
Component: Taxonomy Keywords: has-patch
Focuses: Cc:

Description

Generally when creating/updating a post, while inserting the default taxonomies, there is a check to ensure that the taxonomy is associated with the given post type.
But the same doesn't applies with custom taxonomies. In case the data is passed, and the taxonomies is not associated with the passed post type, it still gets added. We should add a check for the same.

if ( ! empty( $postarr['tax_input'] ) ) {
		foreach ( $postarr['tax_input'] as $taxonomy => $tags ) {
			$taxonomy_obj = get_taxonomy( $taxonomy );

			if ( ! $taxonomy_obj ) {
				/* translators: %s: Taxonomy name. */
				_doing_it_wrong( __FUNCTION__, sprintf( __( 'Invalid taxonomy: %s.' ), $taxonomy ), '4.4.0' );
				continue;
			}

			// array = hierarchical, string = non-hierarchical.
			if ( is_array( $tags ) ) {
				$tags = array_filter( $tags );
			}

			if ( current_user_can( $taxonomy_obj->cap->assign_terms ) ) {
				wp_set_post_terms( $post_ID, $tags, $taxonomy );
			}
		}
	}

The above code should check if the taxonomy passed in the tax_input exists for current post type or not.

Change History (5)

This ticket was mentioned in PR #464 on WordPress/wordpress-develop by ShashwatMittal.


4 months ago

  • Keywords has-patch added; needs-patch removed

Add a check before inserting custom taxonomies to post type. Checks if the custom taxonomy is associated with the post or not before inserting. The same things happens for default taxonomies already.

Trac ticket: https://core.trac.wordpress.org/ticket/50894

This ticket was mentioned in Slack in #core by shashwatmittal. View the logs.


3 months ago

#3 @SergeyBiryukov
3 months ago

  • Milestone changed from Awaiting Review to 5.6
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

This ticket was mentioned in Slack in #core by helen. View the logs.


3 weeks ago

#5 @helen
3 weeks ago

  • Milestone changed from 5.6 to Awaiting Review

Because this is WordPress, I have a feeling there are probably people assigning terms to post types relying on exactly this lack of checking. I don't really have a strong opinion on whether we should change that, certainly technically it seems more correct. What I do know right this moment is that we are in beta 3 for 5.6 and I bet this will break somebody's custom code if not a distributed plugin. Would love some more opinions here from folks on whether we should make this change given what I understand to be potential implications.

Note: See TracTickets for help on using tickets.