Skip to:
Content

BuddyPress.org

#8844 closed defect (bug) (fixed)

BP_Friends_Friendship::get_random_friends() reports incorrect results

Reported by: boonebgorges's profile boonebgorges Owned by: imath's profile imath
Milestone: 11.2.0 Priority: normal
Severity: normal Version: 11.0.0
Component: Friends Keywords: has-patch has-unit-tests
Cc:

Description

In [13092], the following comparison was changed from a loose == to a strong ===: https://buddypress.trac.wordpress.org/browser/tags/11.1.0/src/bp-friends/classes/class-bp-friends-friendship.php?annotate=blame&marks=944#L935

Since the friendship records are pulled from the database using $wpdb->get_results(), properties like friend_user_id in the for loop are always *strings*. Yet the method's documentation says that the $user_id parameter should be an int (which makes sense, given that you'll often pass a value like bp_loggedin_user_id() to it). As a result, the strict comparison on this line always fails, which means that the returned ID is always the value of friend_user_id. This can sometimes be the $user_id itself, when the $user_id was the recipient rather than the initiator of the original friendship request.

Strict comparison seems fine, but we then need to cast these values to int before doing the comparison.

Other methods in the same class continue to use loose comparison, so aren't affected by a similar bug. https://buddypress.trac.wordpress.org/browser/tags/11.1.0/src/bp-friends/classes/class-bp-friends-friendship.php?annotate=blame&marks=438,440#L420 If we switch to strict comparison, we should do it in the same (correct) way throughout the class.

Change History (7)

#1 @imath
15 months ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 11.2.0
  • Version set to 11.0.0

Hi Boone,

You're totally right, thanks a lot for your feedback. We'll fix this asap.

This ticket was mentioned in PR #68 on buddypress/buddypress by @imath.


15 months ago
#2

  • Keywords has-patch has-unit-tests added; needs-patch removed
  • Fix a bug introduced in 13092 making sure to cast IDs retrieved by $wpdb->results() as integers when comparing them to another integer (user ID).
  • Use strong comparisons everywhere in the class.
  • Add unit tests.

Trac ticket: https://buddypress.trac.wordpress.org/ticket/8844

#3 @imath
15 months ago

In 13427:

Improve comparison consistency in BP_Friends_Friendship

  • Fix a bug introduced in [13092] making sure to cast IDs retrieved by $wpdb->results() as integers when comparing them to another integer (user ID).
  • Use strong comparisons everywhere in the class.
  • Add unit tests.

Props boonebgorges

See #8844 (trunk)
Closes https://github.com/buddypress/buddypress/pull/68

#4 @imath
15 months ago

  • Owner set to imath
  • Resolution set to fixed
  • Status changed from new to closed

In 13428:

Improve comparison consistency in BP_Friends_Friendship

  • Fix a bug introduced in [13092] making sure to cast IDs retrieved by $wpdb->results() as integers when comparing them to another integer (user ID).
  • Use strong comparisons everywhere in the class.
  • Add unit tests.

Props boonebgorges

Fixes #8844 (branch 11.0)

#5 @imath
15 months ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Previous commit was made on the wrong branch (10.0)! Ouch. Reverting it asap before committing it to the right branch.

#6 @imath
15 months ago

In 13429:

Revert [13428] as it was made on the wrong branch (10.0)

See #8844

#7 @imath
15 months ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 13430:

Improve comparison consistency in BP_Friends_Friendship

  • Fix a bug introduced in [13092] making sure to cast IDs retrieved by $wpdb->results() as integers when comparing them to another integer (user ID).
  • Use strong comparisons everywhere in the class.
  • Add unit tests.

Props boonebgorges

Fixes #8844 (branch 11.0)

Note: See TracTickets for help on using tickets.