WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Users: Validate `WP_User_Query`'s `fields` argument. 

Improve validation of `WP_User_Query`'s `fields` argument when passed as an array to ensure it only accepts permitted values. This prevents the invalid values being included in the generated database query.

Expand unit tests to include passing invalid values as part of an array, the lower case value `id`. Correct earlier unit tests to limit database query to one result.

Follow up to [53255].

Props felipeelia.
Fixes #53177.


Built from https://develop.svn.wordpress.org/trunk@53327


git-svn-id: http://core.svn.wordpress.org/trunk@52916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Peter Wilson 2022-05-02 00:14:29 +00:00
parent 8267fdc9a2
commit 4a7bcc14e4
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
wp-includes/class-wp-user-query.php
View File

@ -285,7 +285,11 @@ class WP_User_Query {
);
if ( is_array( $qv['fields'] ) ) {
$qv['fields'] = array_unique( $qv['fields'] );
$qv['fields'] = array_intersect( array_unique( $qv['fields'] ), $allowed_fields );
if ( empty( $qv['fields'] ) ) {
$qv['fields'] = array( 'ID' );
}
$this->query_fields = array();
foreach ( $qv['fields'] as $field ) {
@ -293,8 +297,10 @@ class WP_User_Query {
$this->query_fields[] = "$wpdb->users.$field";
}
$this->query_fields = implode( ',', $this->query_fields );
} elseif ( ! in_array( $qv['fields'], $allowed_fields, true ) ) {
} elseif ( 'all' === $qv['fields'] ) {
$this->query_fields = "$wpdb->users.*";
} elseif ( ! in_array( $qv['fields'], $allowed_fields, true ) ) {
$this->query_fields = "$wpdb->users.ID";
} else {
$field = 'ID' === $qv['fields'] ? 'ID' : sanitize_key( $qv['fields'] );
$this->query_fields = "$wpdb->users.$field";

2
wp-includes/version.php
View File

@ -16,7 +16,7 @@
*
* @global string $wp_version
*/
$wp_version = '6.0-beta3-53326';
$wp_version = '6.0-beta3-53327';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.