In in_object_in_term(), only check numeric string values against term_id.

The previous `in_array()` check was playing too loose with mixed types, such
that a string like '10_term_name' would incorrectly match a term_id 10.

Props nobinobi, realloc.
Fixes #29467.
Built from https://develop.svn.wordpress.org/trunk@30205


git-svn-id: http://core.svn.wordpress.org/trunk@30205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Boone Gorges 2014-11-03 14:25:44 +00:00
parent d2a8ae2544
commit fc4b17a5d2
2 changed files with 14 additions and 5 deletions

View File

@ -4262,11 +4262,20 @@ function is_object_in_term( $object_id, $taxonomy, $terms = null ) {
$strs =& $terms; $strs =& $terms;
foreach ( $object_terms as $object_term ) { foreach ( $object_terms as $object_term ) {
if ( $ints && in_array( $object_term->term_id, $ints ) ) return true; // If int, check against term_id // If term is an int, check against term_ids only.
if ( $ints && in_array( $object_term->term_id, $ints ) ) {
return true;
}
if ( $strs ) { if ( $strs ) {
if ( in_array( $object_term->term_id, $strs ) ) return true; // Only check numeric strings against term_id, to avoid false matches due to type juggling.
if ( in_array( $object_term->name, $strs ) ) return true; $numeric_strs = array_map( 'intval', array_filter( $strs, 'is_numeric' ) );
if ( in_array( $object_term->slug, $strs ) ) return true; if ( in_array( $object_term->term_id, $numeric_strs, true ) ) {
return true;
}
if ( in_array( $object_term->name, $strs ) ) return true;
if ( in_array( $object_term->slug, $strs ) ) return true;
} }
} }

View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.1-alpha-30204'; $wp_version = '4.1-alpha-30205';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.