Rewrite: In `url_to_postid()`, bail early if the URL does not belong to the site.
Props ivankristianto, swissspidy, jkhongusc, SergeyBiryukov. Fixes #39373. git-svn-id: https://develop.svn.wordpress.org/trunk@41786 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
944d28b6e4
commit
c02645bf13
|
@ -471,6 +471,14 @@ function url_to_postid( $url ) {
|
|||
*/
|
||||
$url = apply_filters( 'url_to_postid', $url );
|
||||
|
||||
$url_host = str_replace( 'www.', '', parse_url( $url, PHP_URL_HOST ) );
|
||||
$home_url_host = str_replace( 'www.', '', parse_url( home_url(), PHP_URL_HOST ) );
|
||||
|
||||
// Bail early if the URL does not belong to this site.
|
||||
if ( $url_host && $url_host !== $home_url_host ) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
// First, check to see if there is a 'p=N' or 'page_id=N' to match against
|
||||
if ( preg_match('#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values) ) {
|
||||
$id = absint($values[2]);
|
||||
|
|
|
@ -359,6 +359,20 @@ class Tests_Rewrite extends WP_UnitTestCase {
|
|||
update_option( 'show_on_front', 'posts' );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 39373
|
||||
*/
|
||||
public function test_url_to_postid_should_bail_when_host_does_not_match() {
|
||||
$this->set_permalink_structure( '/%postname%/' );
|
||||
|
||||
$post_id = self::factory()->post->create( array( 'post_name' => 'foo-bar-baz' ) );
|
||||
$permalink = get_permalink( $post_id );
|
||||
$url = str_replace( home_url(), 'http://some-other-domain.com', get_permalink( $post_id ) );
|
||||
|
||||
$this->assertSame( $post_id, url_to_postid( $permalink ) );
|
||||
$this->assertSame( 0, url_to_postid( $url ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 21970
|
||||
*/
|
||||
|
|
Loading…
Reference in New Issue