[wp-trac] [WordPress Trac] #38709: Unlimited query for invalid post names
WordPress Trac
noreply at wordpress.org
Tue Nov 8 13:25:14 UTC 2016
#38709: Unlimited query for invalid post names
--------------------------+-----------------------------
Reporter: david.binda | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Permalinks | Version: 4.6.1
Severity: normal | Keywords:
Focuses: performance |
--------------------------+-----------------------------
In case a request which is being parsed as one which sets a "name" query
var (eg.: `http://localhost/wordpress-latest/2016/11/08/[` ) includes an
invalid name ( the `[` ), a query without any limit with empty post_name
is triggered:
{{{#!sql
SELECT wp_posts.*
FROM wp_posts
WHERE 1=1
AND ( ( YEAR( wp_posts.post_date ) = 2016
AND MONTH( wp_posts.post_date ) = 11
AND DAYOFMONTH( wp_posts.post_date ) = 8 ) )
AND wp_posts.post_name = ''
AND wp_posts.post_type = 'post'
ORDER BY wp_posts.post_date DESC
}}}
The problem with the query is that it matches all the drafts in the
database, since they don't have the post_name set (is empty). This may
have a performance implications for the database in case it contains a lot
of drafts (or posts without the post_name set for any reason) as it
queries all the posts.
The `post_name` is being set as empty due to `sanitize_title_for_query` in
https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-
includes/query.php#L2717
I have tested a more suitable validation function than `trim` ( eg.:
`sanitize_title` ) in
https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-
includes/query.php#L1609 but it leads to archives being served on those
invalid URLs, which does not seem like good fix.
Trying to set `posts_per_page` to 1 in case the `name` is parsed based on
the rewrite rule (which seems like a good thing since we really should be
interested in a single and unique post_name in such cases) hits a wall as
the is_singular() returns true and the limit is not set even if the
posts_per_page is present ( due to
https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-
includes/query.php#L3215 ).
So the fix might need to be more complicated than.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38709>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list