Opened 5 months ago
Last modified 5 months ago
#63902 new defect (bug)
wp_get_post_autosave() uses a non-limited SQL query
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | minor | Version: | 6.8 |
| Component: | Query | Keywords: | has-patch |
| Focuses: | Cc: |
Description
In [59715] via #62658 wp_get_post_autosave() was switched from a raw SQL (with a LIMIT 1) to a cached WP_Query instance with posts_per_page=1
However, as name=... is specified, WP_Query doesn't apply the posts_per_page limitation.
This is because a name=... sets is_singular, which then causes the post pagination to be skipped:
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-query.php?rev=60697&marks=2797-2798,2811#L2797
This is not a problem at present, as the name being queried should only have a singular result.
For example (Returns false, as there's no autosave, but it's the query we're interested in, noting the lack of limit)
wp> wp_get_post_autosave( 123 ); bool(false) wp> $wpdb->last_query; SELECT wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_name = '123-autosave-v1' AND wp_posts.post_parent = 123 AND wp_posts.post_type = 'revision' AND ((wp_posts.post_status = 'inherit')) ORDER BY wp_posts.post_date DESC
This could have other side effects for plugin code, where instead of using the core wp_get_post_revisions() a WP_Query similar to post_type=revision&post_name=$ID-revision-v1&posts_per_page=1&order=DESC is made, expecting a singular result but getting all revisions. (Querying by name=... is not expected here, and should be post_type=revision&post_parent=$ID, but I can imagine a world where someone queries by name to avoid image attachments or something that wouldn't ever be returned anyway)
Two options as I see it:
- LIMIT 1 for all singular queries (Although, as noted, revisions break the notion of a singular post_name per post_type)
- Respect the posts_per_page given for singular queries, if provided. This may mean having to set a default of
1whennameis set.
Thanks to @vortfu for raising this, fyi @spacedmonkey since you were the committer of above
Change History (1)
This ticket was mentioned in PR #9703 on WordPress/wordpress-develop by @iamadisingh.
5 months ago
#1
- Keywords has-patch added
This PR fixes a bug in WP_Query::get_posts() where the pagination logic incorrectly skips adding LIMIT clauses for singular queries, even when posts_per_page is explicitly set.
Trac ticket: https://core.trac.wordpress.org/ticket/63902