Opened 2 years ago
Closed 2 years ago
#55877 closed defect (bug) (fixed)
wp_insert_post() should check that a post type exists before using it
Reported by: | Chouby | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 6.1 | Priority: | normal |
Severity: | normal | Version: | 5.1 |
Component: | Posts, Post Types | Keywords: | has-patch needs-unit-tests |
Focuses: | Cc: |
Description
In #27335 it was accepted that wp_insert_post()
can insert a post from an unknown post type - although not consistent with wp_insert_term()
which returns a WP_Error
for an invalid taxonomy but that's another issue.
Later, 42380 introduced some usage of the post type object inside wp_insert_post()
, still without checking that the post type exists.
Thus writing a test including:
<?php $args = array( 'post_title' => 'My post', 'post_type' => 'unregistered', 'post_status' => 'pending' ) $post_id = wp_insert_post( $args );
will fire the error Trying to get property 'cap' of non-object
.
Attachments (1)
Change History (6)
#3
@
2 years ago
Hi there!
I reproduced the issue fresh WordPress with the 6.1-alpha-53451 version and it is one additional warning.
PHP Warning: Attempt to read property "publish_posts" on null in wp-includes\post.php on line 4158
After the 55877.patch patch it will now show any error in log.
#4
@
2 years ago
@mukesh27 it looks good. I just have a suggestion here, I think it will be good if we make our if condition like this
if ( ! empty( $post_type_object ) && ! $update && 'pending' === $post_status && ! current_user_can( $post_type_object->cap->publish_posts ) )
As we are checking the $post_type_object first so whenever it will be null then it won't go to the second condition and it will save some time.
Thanks
The proposed patch fixes the PHP error still maintaining the possibility to insert post of invalid post types.