More careful type conversion in `WP_Query` `is_*()` methods.

`is_array( 1, '1-foo' )` returns true, which means that `is_page( 1 )`
was returning true when on a page with the slug '1-foo'. We avoid this odd
behavior by casting the queried object ID to a string before testing against
the value passed to the conditional function.

This also helps to avoid a problem where an arbitrary value for `$page` would
cause `is_page( $page )` to return true if the query had been manipulated by
a plugin to show that the current page's ID is 0.

Props boonebgorges, r-a-y, nunomorgadinho, wonderboymusic, clifgriffin.
Fixes #24674.

git-svn-id: https://develop.svn.wordpress.org/trunk@31458 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Boone Gorges 2015-02-14 02:08:46 +00:00
parent 78b02ec722
commit 4138275df9
2 changed files with 156 additions and 6 deletions

View File

@ -4077,7 +4077,7 @@ class WP_Query {
$post_obj = $this->get_queried_object(); $post_obj = $this->get_queried_object();
if ( in_array( $post_obj->ID, $attachment ) ) { if ( in_array( (string) $post_obj->ID, $attachment ) ) {
return true; return true;
} elseif ( in_array( $post_obj->post_title, $attachment ) ) { } elseif ( in_array( $post_obj->post_title, $attachment ) ) {
return true; return true;
@ -4109,7 +4109,7 @@ class WP_Query {
$author = (array) $author; $author = (array) $author;
if ( in_array( $author_obj->ID, $author ) ) if ( in_array( (string) $author_obj->ID, $author ) )
return true; return true;
elseif ( in_array( $author_obj->nickname, $author ) ) elseif ( in_array( $author_obj->nickname, $author ) )
return true; return true;
@ -4141,7 +4141,7 @@ class WP_Query {
$category = (array) $category; $category = (array) $category;
if ( in_array( $cat_obj->term_id, $category ) ) if ( in_array( (string) $cat_obj->term_id, $category ) )
return true; return true;
elseif ( in_array( $cat_obj->name, $category ) ) elseif ( in_array( $cat_obj->name, $category ) )
return true; return true;
@ -4173,7 +4173,7 @@ class WP_Query {
$tag = (array) $tag; $tag = (array) $tag;
if ( in_array( $tag_obj->term_id, $tag ) ) if ( in_array( (string) $tag_obj->term_id, $tag ) )
return true; return true;
elseif ( in_array( $tag_obj->name, $tag ) ) elseif ( in_array( $tag_obj->name, $tag ) )
return true; return true;
@ -4370,7 +4370,7 @@ class WP_Query {
$page = (array) $page; $page = (array) $page;
if ( in_array( $page_obj->ID, $page ) ) { if ( in_array( (string) $page_obj->ID, $page ) ) {
return true; return true;
} elseif ( in_array( $page_obj->post_title, $page ) ) { } elseif ( in_array( $page_obj->post_title, $page ) ) {
return true; return true;
@ -4463,7 +4463,7 @@ class WP_Query {
$post = (array) $post; $post = (array) $post;
if ( in_array( $post_obj->ID, $post ) ) { if ( in_array( (string) $post_obj->ID, $post ) ) {
return true; return true;
} elseif ( in_array( $post_obj->post_title, $post ) ) { } elseif ( in_array( $post_obj->post_title, $post ) ) {
return true; return true;

View File

@ -742,6 +742,27 @@ class Tests_Query_Conditionals extends WP_UnitTestCase {
$this->assertFalse( is_single( 'foo' ) ); $this->assertFalse( is_single( 'foo' ) );
} }
/**
* @ticket 24674
*/
public function test_is_single_with_slug_that_begins_with_a_number_that_clashes_with_another_post_id() {
$p1 = $this->factory->post->create();
$p2_name = $p1 . '-post';
$p2 = $this->factory->post->create( array(
'slug' => $p2_name,
) );
$this->go_to( "/?p=$p1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_single() );
$this->assertTrue( $q->is_single( $p1 ) );
$this->assertFalse( $q->is_single( $p2_name ) );
$this->assertFalse( $q->is_single( $p2 ) );
}
function test_is_page() { function test_is_page() {
$post_id = $this->factory->post->create( array( 'post_type' => 'page' ) ); $post_id = $this->factory->post->create( array( 'post_type' => 'page' ) );
$this->go_to( "/?page_id=$post_id" ); $this->go_to( "/?page_id=$post_id" );
@ -809,4 +830,133 @@ class Tests_Query_Conditionals extends WP_UnitTestCase {
$this->assertTrue( is_attachment( $post->post_title ) ); $this->assertTrue( is_attachment( $post->post_title ) );
$this->assertTrue( is_attachment( $post->post_name ) ); $this->assertTrue( is_attachment( $post->post_name ) );
} }
/**
* @ticket 24674
*/
public function test_is_attachment_with_slug_that_begins_with_a_number_that_clashes_with_a_page_ID() {
$p1 = $this->factory->post->create( array( 'post_type' => 'attachment' ) );
$p2_name = $p1 . '-attachment';
$p2 = $this->factory->post->create( array(
'post_type' => 'attachment',
'post_name' => $p2_name,
) );
$this->go_to( "/?attachment_id=$p1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_attachment() );
$this->assertTrue( $q->is_attachment( $p1 ) );
$this->assertFalse( $q->is_attachment( $p2_name ) );
$this->assertFalse( $q->is_attachment( $p2 ) );
}
/**
* @ticket 24674
*/
public function test_is_author_with_nicename_that_begins_with_a_number_that_clashes_with_another_author_id() {
$u1 = $this->factory->user->create();
$u2_name = $u1 . '_user';
$u2 = $this->factory->user->create( array(
'user_nicename' => $u2_name,
) );
$this->go_to( "/?author=$u1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_author() );
$this->assertTrue( $q->is_author( $u1 ) );
$this->assertFalse( $q->is_author( $u2_name ) );
$this->assertFalse( $q->is_author( $u2 ) );
}
/**
* @ticket 24674
*/
public function test_is_category_with_slug_that_begins_with_a_number_that_clashes_with_another_category_id() {
$c1 = $this->factory->category->create();
$c2_name = $c1 . '-category';
$c2 = $this->factory->category->create( array(
'slug' => $c2_name,
) );
$this->go_to( "/?cat=$c1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_category() );
$this->assertTrue( $q->is_category( $c1 ) );
$this->assertFalse( $q->is_category( $c2_name ) );
$this->assertFalse( $q->is_category( $c2 ) );
}
/**
* @ticket 24674
*/
public function test_is_tag_with_slug_that_begins_with_a_number_that_clashes_with_another_tag_id() {
$t1 = $this->factory->tag->create();
$t2_name = $t1 . '-tag';
$t2 = $this->factory->tag->create( array(
'slug' => $t2_name,
) );
$this->go_to( "/?tag_id=$t1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_tag() );
$this->assertTrue( $q->is_tag( $t1 ) );
$this->assertFalse( $q->is_tag( $t2_name ) );
$this->assertFalse( $q->is_tag( $t2 ) );
}
/**
* @ticket 24674
*/
public function test_is_page_with_page_id_zero_and_random_page_slug() {
$post_id = $this->factory->post->create( array( 'post_type' => 'page' ) );
$this->go_to( "/?page_id=$post_id" );
// override post ID to 0 temporarily for testing
$_id = $GLOBALS['wp_query']->post->ID;
$GLOBALS['wp_query']->post->ID = 0;
$post = get_queried_object();
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_page() );
$this->assertFalse( $q->is_page( 'sample-page' ) );
$this->assertFalse( $q->is_page( 'random-page-slug' ) );
// revert $wp_query global change
$GLOBALS['wp_query']->post->ID = $_id;
}
/**
* @ticket 24674
*/
public function test_is_page_with_page_slug_that_begins_with_a_number_that_clashes_with_a_page_ID() {
$p1 = $this->factory->post->create( array( 'post_type' => 'page' ) );
$p2_name = $p1 . '-page';
$p2 = $this->factory->post->create( array(
'post_type' => 'page',
'post_name' => $p2_name,
) );
$this->go_to( "/?page_id=$p1" );
$q = $GLOBALS['wp_query'];
$this->assertTrue( $q->is_page() );
$this->assertTrue( $q->is_page( $p1 ) );
$this->assertFalse( $q->is_page( $p2_name ) );
$this->assertFalse( $q->is_page( $p2 ) );
}
} }