[wp-trac] [WordPress Trac] #34844: Primary network site loads with any arbitrary path on sub-folder networks
WordPress Trac
noreply at wordpress.org
Thu Dec 3 19:19:57 UTC 2015
#34844: Primary network site loads with any arbitrary path on sub-folder networks
--------------------------------+-----------------------------
Reporter: mordauk | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Networks and Sites | Version: trunk
Severity: normal | Keywords:
Focuses: multisite |
--------------------------------+-----------------------------
Take this example:
- Network install with subfolders
- Primary site is /
- Any number of sites in the network
On some server setups (including WordPress.org itself), if you navigate to
`site.com/a-non-registered-site-path` the primary site is loaded, whereas
the expected behavior is for a `site not found` error.
Screenshot of network admin at `site.com/`:
[[Image(https://cldup.com/OGIvbqftgW-2000x2000.png)]]
Screenshot of network admin at `site.com/a-non-registered-site-path`:
[[Image(https://cldup.com/qh6r9CGdhL-2000x2000.png)]]
This happens because `$paths` in `get_site_by_path()` includes both `a
-non-registered-site-path` and `/` as allowed paths which are then used
for the `IN` statement of the SQL to find the current site:
{{{
$sql = $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s",
$domains[0] );
$sql .= " AND path IN ($search_paths) ORDER BY CHAR_LENGTH(path) DESC
LIMIT 1";
$site = $wpdb->get_row( $sql );
}}}
I've managed to fix the issue by only adding `/` to `$paths` if `$paths`
is empty.
I found a related discussion in
https://core.trac.wordpress.org/ticket/31507 and some related comments in
https://core.trac.wordpress.org/ticket/27003 where `get_site_by_path()`
was first introduced but none of them quite address this issue.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34844>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list