mirror_php/wordpress
1
0
Fork 0
mirror of git://develop.git.wordpress.org/ synced 2025-01-17 21:08:44 +01:00
Code Issues Actions 99 Packages Projects Releases Wiki Activity

Users: Make sure WP_User_Query can be filtered using the fields parameter.

Browse Source 
This change ensures the `fields` parameter is taken into account when running `WP_User_Query` by fixing the conditional statement used to process the `fields` param.

Props rilwis, peterwilsoncc, NomNom99, hellofromTonya, audrasjb, rilwis, Boniu91.
Fixes #53177.


git-svn-id: https://develop.svn.wordpress.org/trunk@53255 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jb Audras 2022-04-25 12:55:35 +00:00
parent 3dcdd4b799
commit bb76c79a44
2 changed files with 144 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/wp-includes/class-wp-user-query.php
View File

@ -274,6 +274,16 @@ class WP_User_Query {
$qv =& $this->query_vars;
$qv = $this->fill_query_vars( $qv );
$allowed_fields = array(
'ID',
'display_name',
'user_login',
'user_nicename',
'user_email',
'user_url',
'user_registered',
);
if ( is_array( $qv['fields'] ) ) {
$qv['fields'] = array_unique( $qv['fields'] );
@ -283,10 +293,11 @@ class WP_User_Query {
$this->query_fields[] = "$wpdb->users.$field";
}
$this->query_fields = implode( ',', $this->query_fields );
} elseif ( 'all' === $qv['fields'] ) {
} elseif ( ! in_array( $qv['fields'], $allowed_fields, true ) ) {
$this->query_fields = "$wpdb->users.*";
} else {
$this->query_fields = "$wpdb->users.ID";
$field = 'ID' === $qv['fields'] ? 'ID' : sanitize_key( $qv['fields'] );
$this->query_fields = "$wpdb->users.$field";
}
if ( isset( $qv['count_total'] ) && $qv['count_total'] ) {

139
tests/phpunit/tests/user/query.php
View File

@ -198,7 +198,7 @@ class Tests_User_Query extends WP_UnitTestCase {
'include' => self::$author_ids,
'meta_key' => 'last_name',
'orderby' => 'meta_value',
'fields' => 'ids',
'fields' => 'ID',
)
);
@ -220,7 +220,7 @@ class Tests_User_Query extends WP_UnitTestCase {
'include' => self::$author_ids,
'meta_key' => 'user_age',
'orderby' => 'meta_value_num',
'fields' => 'ids',
'fields' => 'ID',
)
);
@ -242,7 +242,7 @@ class Tests_User_Query extends WP_UnitTestCase {
'include' => self::$author_ids,
'meta_key' => 'foo',
'orderby' => 'foo',
'fields' => 'ids',
'fields' => 'ID',
)
);
@ -261,7 +261,7 @@ class Tests_User_Query extends WP_UnitTestCase {
$q = new WP_User_Query(
array(
'fields' => 'ids',
'fields' => 'ID',
'meta_query' => array(
'foo_key' => array(
'key' => 'foo',
@ -302,7 +302,7 @@ class Tests_User_Query extends WP_UnitTestCase {
$q = new WP_User_Query(
array(
'fields' => 'ids',
'fields' => 'ID',
'meta_query' => array(
'foo_key' => array(
'key' => 'foo',
@ -332,7 +332,7 @@ class Tests_User_Query extends WP_UnitTestCase {
$q = new WP_User_Query(
array(
'fields' => 'ids',
'fields' => 'ID',
'meta_query' => array(
'foo_key' => array(
'key' => 'foo',
@ -1281,7 +1281,7 @@ class Tests_User_Query extends WP_UnitTestCase {
'paged' => 2,
'orderby' => 'ID',
'order' => 'DESC', // Avoid funkiness with user 1.
'fields' => 'ids',
'fields' => 'ID',
)
);
@ -1357,7 +1357,7 @@ class Tests_User_Query extends WP_UnitTestCase {
$users = get_users(
array(
'role' => 'editor',
'fields' => 'ids',
'fields' => 'ID',
)
);
@ -1966,4 +1966,127 @@ class Tests_User_Query extends WP_UnitTestCase {
$this->assertContains( self::$author_ids[1], $found );
$this->assertContains( self::$author_ids[2], $found );
}
/**
* @ticket 53177
*
* @param $field
* @param $expected
*
* @return void
*
* @dataProvider data_returning_fields
*
* @covers WP_User_Query::prepare_query
*/
public function test_returning_fields( $field, $expected_values ) {
$q = new WP_User_Query(
array(
'fields' => $field,
'include ' => array( self::$admin_ids[0] ),
)
);
$results = $q->get_results();
if ( 'all_with_meta' === $field ) {
$data = array_shift( $results )->data;
} else {
$data = ( isset( $results[0]->data ) ) ? $results[0]->data : $results[0];
}
foreach ( $expected_values as $key => $expected_value ) {
if ( ! is_array( $results ) ) {
$this->assertEquals( array_shift( $results ), $expected_value );
} else {
$value = ( isset( $data->$key ) ) ? $data->$key : $data;
$this->assertEquals( $value, $expected_value );
}
}
}
public function data_returning_fields() {
return array(
'all' => array(
'field' => 'all',
'expected' => array(
'ID' => '1',
'user_login' => 'admin',
'user_nicename' => 'admin',
'user_email' => 'admin@example.org',
'user_url' => 'http://example.org',
'user_activation_key' => '',
'user_status' => '0',
'display_name' => 'admin',
),
),
'all_with_meta' => array(
'field' => 'all_with_meta',
'expected' => array(
'ID' => '1',
'user_login' => 'admin',
'user_nicename' => 'admin',
'user_email' => 'admin@example.org',
'user_url' => 'http://example.org',
'user_activation_key' => '',
'user_status' => '0',
'display_name' => 'admin',
),
),
'ID' => array(
'field' => 'ID',
'expected' => array(
'ID' => '1',
),
),
'display_name' => array(
'field' => 'display_name',
'expected' => array(
'display_name' => 'admin',
),
),
'user_login' => array(
'field' => 'user_login',
'expected' => array(
'user_login' => 'admin',
),
),
'user_nicename' => array(
'field' => 'user_nicename',
'expected' => array(
'user_nicename' => 'admin',
),
),
'user_email' => array(
'field' => 'user_email',
'expected' => array(
'user_email' => 'admin@example.org',
),
),
'invalid_field' => array(
'field' => 'invalid_field',
'expected' => array(
'0' => '1',
),
),
);
}
/**
* @ticket 53177
*
* @return void
*
* @covers WP_User_Query::prepare_query
*/
public function test_returning_field_user_registered() {
$q = new WP_User_Query(
array(
'fields' => 'user_registered',
'include' => array( self::$admin_ids[0] ),
)
);
$results = $q->get_results();
$this->assertNotFalse( DateTime::createFromFormat( 'Y-m-d H:i:s', $results[0] ) );
}
}