Opened 19 months ago
Closed 19 months ago
#8844 closed defect (bug) (fixed)
BP_Friends_Friendship::get_random_friends() reports incorrect results
Reported by: | boonebgorges | Owned by: | imath |
---|---|---|---|
Milestone: | 11.2.0 | Priority: | normal |
Severity: | normal | Version: | 11.0.0 |
Component: | Friends | Keywords: | has-patch has-unit-tests |
Cc: |
Description
In [13092], the following comparison was changed from a loose ==
to a strong ===
: https://buddypress.trac.wordpress.org/browser/tags/11.1.0/src/bp-friends/classes/class-bp-friends-friendship.php?annotate=blame&marks=944#L935
Since the friendship records are pulled from the database using $wpdb->get_results()
, properties like friend_user_id
in the for
loop are always *strings*. Yet the method's documentation says that the $user_id
parameter should be an int
(which makes sense, given that you'll often pass a value like bp_loggedin_user_id()
to it). As a result, the strict comparison on this line always fails, which means that the returned ID is always the value of friend_user_id
. This can sometimes be the $user_id
itself, when the $user_id
was the recipient rather than the initiator of the original friendship request.
Strict comparison seems fine, but we then need to cast these values to int
before doing the comparison.
Other methods in the same class continue to use loose comparison, so aren't affected by a similar bug. https://buddypress.trac.wordpress.org/browser/tags/11.1.0/src/bp-friends/classes/class-bp-friends-friendship.php?annotate=blame&marks=438,440#L420 If we switch to strict comparison, we should do it in the same (correct) way throughout the class.
Change History (7)
#1
@
19 months ago
- Keywords needs-patch added
- Milestone changed from Awaiting Review to 11.2.0
- Version set to 11.0.0
This ticket was mentioned in PR #68 on buddypress/buddypress by @imath.
19 months ago
#2
- Keywords has-patch has-unit-tests added; needs-patch removed
- Fix a bug introduced in 13092 making sure to cast IDs retrieved by
$wpdb->results()
as integers when comparing them to another integer (user ID). - Use strong comparisons everywhere in the class.
- Add unit tests.
Trac ticket: https://buddypress.trac.wordpress.org/ticket/8844
#4
@
19 months ago
- Owner set to imath
- Resolution set to fixed
- Status changed from new to closed
In 13428:
Hi Boone,
You're totally right, thanks a lot for your feedback. We'll fix this asap.