Opened 41 hours ago
Last modified 40 hours ago
#49399 new defect (bug)
wp_get_users_with_no_role() does not handle user roles which contain numbers
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 5.3.2 |
| Component: | Users | Keywords: | needs-patch needs-unit-tests |
| Focuses: | Cc: | ||
| PR Number: |
Description
The function wp_get_users_with_no_role() does not correctly ascertain which roles it needs to search for. Before it queries the database it changes the names for roles which contain numbers (and special characters for that matter). It uses the following regex to adapt the list of roles it gets from wp_roles()->get_names():
<?php $regex = implode( '|', array_keys( $role_names ) ); $regex = preg_replace( '/[^a-zA-Z_\|-]/', '', $regex );
This results in roles with names like "Year1" and "Group1Admins" to be truncated to "Year" and "GroupAdmins" respectively before querying.
This could be easily solved by extending the regex pattern to also accept numbers:
<?php $regex = preg_replace( '/[^0-9a-zA-Z_\|-]/', '', $regex );
Change History (1)
Note: See
TracTickets for help on using
tickets.