Meta: Improve ID casting when getting, updating or deleting meta data.
Blindly casting IDs to absolute integers in `get_metadata_by_mid()`, `update_metadata_by_mid()` and `delete_metadata_by_mid()` can cause unexpected behaviour when a floating or negative number is passed. Fixes #37746. git-svn-id: https://develop.svn.wordpress.org/trunk@38699 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Peter Wilson
parent
17ef6d8cfa
commit
fe0ba53c44
@ -567,12 +567,12 @@ function metadata_exists( $meta_type, $object_id, $meta_key ) {
|
||||
function get_metadata_by_mid( $meta_type, $meta_id ) {
|
||||
global $wpdb;
|
||||
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) ) {
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) || floor( $meta_id ) != $meta_id ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$meta_id = absint( $meta_id );
|
||||
if ( ! $meta_id ) {
|
||||
$meta_id = intval( $meta_id );
|
||||
if ( $meta_id <= 0 ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -611,12 +611,12 @@ function update_metadata_by_mid( $meta_type, $meta_id, $meta_value, $meta_key =
|
||||
global $wpdb;
|
||||
|
||||
// Make sure everything is valid.
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) ) {
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) || floor( $meta_id ) != $meta_id ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$meta_id = absint( $meta_id );
|
||||
if ( ! $meta_id ) {
|
||||
$meta_id = intval( $meta_id );
|
||||
if ( $meta_id <= 0 ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -702,12 +702,12 @@ function delete_metadata_by_mid( $meta_type, $meta_id ) {
|
||||
global $wpdb;
|
||||
|
||||
// Make sure everything is valid.
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) ) {
|
||||
if ( ! $meta_type || ! is_numeric( $meta_id ) || floor( $meta_id ) != $meta_id ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$meta_id = absint( $meta_id );
|
||||
if ( ! $meta_id ) {
|
||||
$meta_id = intval( $meta_id );
|
||||
if ( $meta_id <= 0 ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@ -292,6 +292,44 @@ class Tests_Meta extends WP_UnitTestCase {
|
||||
$this->assertFalse( delete_metadata_by_mid( 'user', array( 1 ) ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 37746
|
||||
*/
|
||||
function test_negative_meta_id() {
|
||||
$negative_mid = $this->meta_id * -1;
|
||||
|
||||
$this->assertTrue( $negative_mid < 0 );
|
||||
$this->assertFalse( get_metadata_by_mid( 'user', $negative_mid ) );
|
||||
$this->assertFalse( update_metadata_by_mid( 'user', $negative_mid, 'meta_new_value' ) );
|
||||
$this->assertFalse( delete_metadata_by_mid( 'user', $negative_mid ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 37746
|
||||
*/
|
||||
function test_floating_meta_id() {
|
||||
$floating_mid = $this->meta_id + 0.1337;
|
||||
|
||||
$this->assertTrue( floor( $floating_mid ) !== $floating_mid );
|
||||
$this->assertFalse( get_metadata_by_mid( 'user', $floating_mid ) );
|
||||
$this->assertFalse( update_metadata_by_mid( 'user', $floating_mid, 'meta_new_value' ) );
|
||||
$this->assertFalse( delete_metadata_by_mid( 'user', $floating_mid ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 37746
|
||||
*/
|
||||
function test_string_point_zero_meta_id() {
|
||||
$meta_id = add_metadata( 'user', $this->author->ID, 'meta_key', 'meta_value_2' );
|
||||
|
||||
$string_mid = "{$meta_id}.0";
|
||||
|
||||
$this->assertTrue( floor( $string_mid ) == $string_mid );
|
||||
$this->assertNotEquals( false, get_metadata_by_mid( 'user', $string_mid ) );
|
||||
$this->assertNotEquals( false, update_metadata_by_mid( 'user', $string_mid, 'meta_new_value_2' ) );
|
||||
$this->assertNotEquals( false, delete_metadata_by_mid( 'user', $string_mid ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 15030
|
||||
*/
|
||||
|
||||
Loading…
Reference in New Issue
Block a user