From 3083effa523c4e873b272e64fbf11d9cda194909 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Fri, 14 Oct 2016 12:04:50 +0000 Subject: [PATCH] Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name. Props procodewp, choongsavvii Fixes #38234 git-svn-id: https://develop.svn.wordpress.org/trunk@38787 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/user.php | 2 +- .../tests/user/wpGetUsersWithNoRole.php | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php index a83e57e099..22c2c1ea1d 100644 --- a/src/wp-includes/user.php +++ b/src/wp-includes/user.php @@ -2440,7 +2440,7 @@ function wp_get_users_with_no_role() { } $prefix = $wpdb->get_blog_prefix(); - $regex = implode( '|', wp_roles()->get_names() ); + $regex = implode( '|', array_keys( wp_roles()->get_names() ) ); $regex = preg_replace( '/[^a-zA-Z_\|-]/', '', $regex ); $users = $wpdb->get_col( $wpdb->prepare( " SELECT user_id diff --git a/tests/phpunit/tests/user/wpGetUsersWithNoRole.php b/tests/phpunit/tests/user/wpGetUsersWithNoRole.php index 6eb68234b5..cd7b118676 100644 --- a/tests/phpunit/tests/user/wpGetUsersWithNoRole.php +++ b/tests/phpunit/tests/user/wpGetUsersWithNoRole.php @@ -81,4 +81,25 @@ class Tests_User_GetUsersWithNoRole extends WP_UnitTestCase { } + /** + * Role comparison must be done on role name, not role display name. + * + * @ticket 38234 + */ + public function test_get_users_with_no_role_matches_on_role_name() { + // Create a role with a display name which would not match the role name + // in a case-insentive SQL query. + wp_roles()->add_role( 'somerole', 'Some role display name' ); + + $someuser = self::factory()->user->create( array( + 'role' => 'somerole', + ) ); + + $users = wp_get_users_with_no_role(); + + wp_roles()->remove_role( 'somerole' ); + + $this->assertEmpty( $users ); + } + }