When passing $full to get_posts_by_author_sql(), make sure a 'post_type' clause is included in results.

This change makes the 'post_type' clause in `wp_list_authors()` redundant, so
we remove it. Third-party plugins using `get_posts_by_author_sql()` may have
similarly redundant clauses, but this won't change the results returned by the
SQL queries.

Also adds unit tests for `get_posts_by_author_sql()`.

Props pbearne.
Fixes #30354.
Built from https://develop.svn.wordpress.org/trunk@31653


git-svn-id: http://core.svn.wordpress.org/trunk@31634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Boone Gorges 2015-03-07 01:15:28 +00:00
parent 6486a233c0
commit b421255fc8
3 changed files with 15 additions and 16 deletions

View File

@ -337,7 +337,7 @@ function wp_list_authors( $args = '' ) {
$authors = get_users( $query_args ); $authors = get_users( $query_args );
$author_count = array(); $author_count = array();
foreach ( (array) $wpdb->get_results( "SELECT DISTINCT post_author, COUNT(ID) AS count FROM $wpdb->posts WHERE post_type = 'post' AND " . get_private_posts_cap_sql( 'post' ) . " GROUP BY post_author" ) as $row ) { foreach ( (array) $wpdb->get_results( "SELECT DISTINCT post_author, COUNT(ID) AS count FROM $wpdb->posts WHERE " . get_private_posts_cap_sql( 'post' ) . " GROUP BY post_author" ) as $row ) {
$author_count[$row->post_author] = $row->count; $author_count[$row->post_author] = $row->count;
} }
foreach ( $authors as $author_id ) { foreach ( $authors as $author_id ) {

View File

@ -5344,35 +5344,34 @@ function get_posts_by_author_sql( $post_type, $full = true, $post_author = null,
$cap = $post_type_obj->cap->read_private_posts; $cap = $post_type_obj->cap->read_private_posts;
} }
if ( $full ) { $sql = $wpdb->prepare( 'post_type = %s', $post_type );
if ( null === $post_author ) {
$sql = $wpdb->prepare( 'WHERE post_type = %s AND ', $post_type ); if ( null !== $post_author ) {
} else { $sql .= $wpdb->prepare( ' AND post_author = %d', $post_author );
$sql = $wpdb->prepare( 'WHERE post_author = %d AND post_type = %s AND ', $post_author, $post_type );
}
} else {
$sql = '';
} }
$sql .= "(post_status = 'publish'";
// Only need to check the cap if $public_only is false. // Only need to check the cap if $public_only is false.
$post_status_sql = "post_status = 'publish'";
if ( false === $public_only ) { if ( false === $public_only ) {
if ( current_user_can( $cap ) ) { if ( current_user_can( $cap ) ) {
// Does the user have the capability to view private posts? Guess so. // Does the user have the capability to view private posts? Guess so.
$sql .= " OR post_status = 'private'"; $post_status_sql .= " OR post_status = 'private'";
} elseif ( is_user_logged_in() ) { } elseif ( is_user_logged_in() ) {
// Users can view their own private posts. // Users can view their own private posts.
$id = get_current_user_id(); $id = get_current_user_id();
if ( null === $post_author || ! $full ) { if ( null === $post_author || ! $full ) {
$sql .= " OR post_status = 'private' AND post_author = $id"; $post_status_sql .= " OR post_status = 'private' AND post_author = $id";
} elseif ( $id == (int) $post_author ) { } elseif ( $id == (int) $post_author ) {
$sql .= " OR post_status = 'private'"; $post_status_sql .= " OR post_status = 'private'";
} // else none } // else none
} // else none } // else none
} }
$sql .= ')'; $sql .= " AND ($post_status_sql)";
if ( $full ) {
$sql = 'WHERE ' . $sql;
}
return $sql; return $sql;
} }

View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.2-alpha-31652'; $wp_version = '4.2-alpha-31653';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.