From c4a6004807868942090a9c365ba913165a084b49 Mon Sep 17 00:00:00 2001
From: Dhrupo Nil
Date: Mon, 27 Apr 2026 14:56:38 +0600
Subject: [PATCH 1/2] Permalinks: Ignore malformed post type query arrays
---
 src/wp-includes/class-wp.php | 5 +-
 tests/phpunit/tests/wp/parseRequest.php | 66 +++++++++++++++++++++++++
 2 files changed, 70 insertions(+), 1 deletion(-)
diff --git a/src/wp-includes/class-wp.php b/src/wp-includes/class-wp.php
index f1664747d4042..6f05a5fdd7e69 100644
--- a/src/wp-includes/class-wp.php
+++ b/src/wp-includes/class-wp.php
@@ -382,7 +382,10 @@ public function parse_request( $extra_query_vars = '' ) {
 unset( $this->query_vars['post_type'] );
 }
 } else {
- $this->query_vars['post_type'] = array_intersect( $this->query_vars['post_type'], $queryable_post_types );
+ $this->query_vars['post_type'] = array_intersect(
+ array_filter( $this->query_vars['post_type'], 'is_scalar' ),
+ $queryable_post_types
+ );
 }
 }
 
diff --git a/tests/phpunit/tests/wp/parseRequest.php b/tests/phpunit/tests/wp/parseRequest.php
index a34a873e892fb..3408eedeb9454 100644
--- a/tests/phpunit/tests/wp/parseRequest.php
+++ b/tests/phpunit/tests/wp/parseRequest.php
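Review bot: The new `array_filter( ..., 'is_scalar' )` argument in `parse_request()` (class-wp.php) carries no comment, and its reason is not evident from the call itself: `array_intersect()` compares elements by their string representation, so a nested array arriving as `post_type[][]=page` would be string-cast and raise an "Array to string conversion" warning on request-controlled input. I would put `// Drop non-scalar entries (e.g. post_type[][]=x); array_intersect() string-casts every element.` directly above the call. When every entry is non-scalar the variable is left as an empty array, whereas the branch above (its condition is outside the hunk) calls `unset()`; it may be worth confirming that downstream query code treats the empty array as intended. `parse_request()` starts and ends outside this hunk.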
@@ -56,4 +56,70 @@ static function ( $url ) {
 $this->wp->parse_request();
 $this->assertSame( '', $this->wp->request );
 }
+
+ /**
+ * @ticket 65123
+ */
+ public function test_parse_request_ignores_non_scalar_post_type_values_from_get() {
+ $original_get = $_GET;
+ $original_post = $_POST;
+ $original_request = $_SERVER['REQUEST_URI'] ?? null;
+ $original_self = $_SERVER['PHP_SELF'] ?? null;
+
+ $_GET['post_type'] = array( array( 'page' ), 'post' );
+ $_SERVER['REQUEST_URI'] = '/?post_type[][]=page&post_type[]=post';
+ $_SERVER['PHP_SELF'] = '/index.php';
+
+ $this->wp->parse_request();
+
+ $this->assertSame( array( 'post' ), array_values( $this->wp->query_vars['post_type'] ) );
+
+ $_GET = $original_get;
+ $_POST = $original_post;
+
+ if ( null === $original_request ) {
+ unset( $_SERVER['REQUEST_URI'] );
+ } else {
+ $_SERVER['REQUEST_URI'] = $original_request;
+ }
+
+ if ( null === $original_self ) {
+ unset( $_SERVER['PHP_SELF'] );
+ } else {
+ $_SERVER['PHP_SELF'] = $original_self;
+ }
+ }
+
+ /**
+ * @ticket 65123
+ */
+ public function test_parse_request_ignores_non_scalar_post_type_values_from_post() {
+ $original_get = $_GET;
+ $original_post = $_POST;
+ $original_request = $_SERVER['REQUEST_URI'] ?? null;
+ $original_self = $_SERVER['PHP_SELF'] ?? null;
+
+ $_POST['post_type'] = array( array( 'page' ), 'post' );
+ $_SERVER['REQUEST_URI'] = '/';
+ $_SERVER['PHP_SELF'] = '/index.php';
+
+ $this->wp->parse_request();
+
+ $this->assertSame( array( 'post' ), array_values( $this->wp->query_vars['post_type'] ) );
+
+ $_GET = $original_get;
+ $_POST = $original_post;
+
+ if ( null === $original_request ) {
+ unset( $_SERVER['REQUEST_URI'] );
+ } else {
+ $_SERVER['REQUEST_URI'] = $original_request;
+ }
+
+ if ( null === $original_self ) {
+ unset( $_SERVER['PHP_SELF'] );
+ } else {
+ $_SERVER['PHP_SELF'] = $original_self;
+ }
+ }
 }
From 6b6be360a757c11093e916fd1ef3bc11bdd91dee Mon Sep 17 00:00:00 2001
From: Dhrupo Nil
Date: Mon, 27 Apr 2026 16:09:56 +0600
Subject: [PATCH 2/2] Tests: Use a data provider for malformed post type query coverage
---
 tests/phpunit/tests/wp/parseRequest.php | 74 ++++++++++---------------
 1 file changed, 28 insertions(+), 46 deletions(-)
diff --git a/tests/phpunit/tests/wp/parseRequest.php b/tests/phpunit/tests/wp/parseRequest.php
index 3408eedeb9454..68b2e6c42c222 100644
--- a/tests/phpunit/tests/wp/parseRequest.php
+++ b/tests/phpunit/tests/wp/parseRequest.php
@@ -59,67 +59,49 @@ static function ( $url ) {
 
 /**
 * @ticket 65123
+ * @dataProvider data_parse_request_ignores_non_scalar_post_type_values
 */
- public function test_parse_request_ignores_non_scalar_post_type_values_from_get() {
+ public function test_parse_request_ignores_non_scalar_post_type_values( $request_method, $request_uri ) {
 $original_get = $_GET;
 $original_post = $_POST;
 $original_request = $_SERVER['REQUEST_URI'] ?? null;
 $original_self = $_SERVER['PHP_SELF'] ?? null;
 
- $_GET['post_type'] = array( array( 'page' ), 'post' );
- $_SERVER['REQUEST_URI'] = '/?post_type[][]=page&post_type[]=post';
- $_SERVER['PHP_SELF'] = '/index.php';
-
- $this->wp->parse_request();
-
- $this->assertSame( array( 'post' ), array_values( $this->wp->query_vars['post_type'] ) );
-
- $_GET = $original_get;
- $_POST = $original_post;
-
- if ( null === $original_request ) {
- unset( $_SERVER['REQUEST_URI'] );
+ if ( 'GET' === $request_method ) {
+ $_GET['post_type'] = array( array( 'page' ), 'post' );
 } else {
- $_SERVER['REQUEST_URI'] = $original_request;
+ $_POST['post_type'] = array( array( 'page' ), 'post' );
 }
 
- if ( null === $original_self ) {
- unset( $_SERVER['PHP_SELF'] );
- } else {
- $_SERVER['PHP_SELF'] = $original_self;
- }
- }
-
- /**
- * @ticket 65123
- */
- public function test_parse_request_ignores_non_scalar_post_type_values_from_post() {
- $original_get = $_GET;
- $original_post = $_POST;
- $original_request = $_SERVER['REQUEST_URI'] ?? null;
- $original_self = $_SERVER['PHP_SELF'] ?? null;
-
- $_POST['post_type'] = array( array( 'page' ), 'post' );
- $_SERVER['REQUEST_URI'] = '/';
+ $_SERVER['REQUEST_URI'] = $request_uri;
 $_SERVER['PHP_SELF'] = '/index.php';
 
- $this->wp->parse_request();
+ try {
+ $this->wp->parse_request();
 
- $this->assertSame( array( 'post' ), array_values( $this->wp->query_vars['post_type'] ) );
+ $this->assertSame( array( 'post' ), array_values( $this->wp->query_vars['post_type'] ) );
+ } finally {
+ $_GET = $original_get;
+ $_POST = $original_post;
 
- $_GET = $original_get;
- $_POST = $original_post;
+ if ( null === $original_request ) {
+ unset( $_SERVER['REQUEST_URI'] );
+ } else {
+ $_SERVER['REQUEST_URI'] = $original_request;
+ }
 
- if ( null === $original_request ) {
- unset( $_SERVER['REQUEST_URI'] );
- } else {
- $_SERVER['REQUEST_URI'] = $original_request;
+ if ( null === $original_self ) {
+ unset( $_SERVER['PHP_SELF'] );
+ } else {
+ $_SERVER['PHP_SELF'] = $original_self;
+ }
 }
+ }
 
- if ( null === $original_self ) {
- unset( $_SERVER['PHP_SELF'] );
- } else {
- $_SERVER['PHP_SELF'] = $original_self;
- }
+ public function data_parse_request_ignores_non_scalar_post_type_values() {
+ return array(
+ 'get' => array( 'GET', '/?post_type[][]=page&post_type[]=post' ),
+ 'post' => array( 'POST', '/' ),
+ );
 }
 }
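Review bot: Both provider rows feed the same mixed payload `array( array( 'page' ), 'post' )`, which is hard-coded in the test body, so the case where every `post_type` entry is non-scalar (for example only `post_type[][]=page`) is never exercised and the resulting value of `query_vars['post_type']` is not pinned. Moving the payload and the expected result into the provider rows would let the one method cover the mixed and the all-malformed input for both GET and POST. The provider `data_parse_request_ignores_non_scalar_post_type_values()` also has no docblock; a short `Data provider.` summary with `@return array[]`, plus `@param string $request_method` and `@param string $request_uri` on the test, would document the row shape.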