[wp-trac] [WordPress Trac] #60059: Warning / Error in wp-includes/canonical.php when $_GET['author'] is an array
WordPress Trac
noreply at wordpress.org
Wed Dec 27 10:51:51 UTC 2023
#60059: Warning / Error in wp-includes/canonical.php when $_GET['author'] is an
array
---------------------------------------------+-----------------------------
Reporter: david.binda | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Canonical | Version: trunk
Severity: normal | Resolution:
Keywords: needs-testing reporter-feedback | Focuses:
---------------------------------------------+-----------------------------
Comment (by SergeyBiryukov):
Replying to [comment:4 azaozz]:
> Makes sense to check for and ignore arrays there but don't seem to be
able to reproduce this (in trunk). Unless I'm missing something it seems a
non-scalar query value for `author` is ignored and `is_author()` returns
false.
I can reproduce the issue as described.
It appears that the `preg_match( '|^[0-9]+$|', $_GET['author'] )` check in
`redirect_canonical()` runs after the validation in
`WP_Query::parse_query()`, and is unaffected by that validation because it
checks the `$_GET['author']` value directly, not the parsed value.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60059#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list