Canonical: Check if the author parameter is a string in redirect_canonical().

This avoids a PHP warning or error when viewing an author on the front end, while an array is passed as `$_GET['author']`. Follow-up to [12034], [12040], [12202]. Props david.binda, antonvlasenko, azaozz, SergeyBiryukov. Fixes #60059. git-svn-id: https://develop.svn.wordpress.org/trunk@57232 602fd350-edb4-49c9-b593-d223f7449a82
2025-10-16 12:05:38 +00:00 · 2023-12-29 13:52:57 +00:00 · 2023-12-29 13:52:57 +00:00 · 9f7fc54ca7
commit 9f7fc54ca7
parent da1f881cf4
2 changed files with 4 additions and 1 deletions
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@ -316,7 +316,9 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 					$redirect['query'] = remove_query_arg( 'year', $redirect['query'] );
 				}
 			}
-		} elseif ( is_author() && ! empty( $_GET['author'] ) && preg_match( '|^[0-9]+$|', $_GET['author'] ) ) {
+		} elseif ( is_author() && ! empty( $_GET['author'] )
+			&& is_string( $_GET['author'] ) && preg_match( '|^[0-9]+$|', $_GET['author'] )
+		) {
 			$author = get_userdata( get_query_var( 'author' ) );

 			if ( false !== $author
--- a/tests/phpunit/tests/canonical.php
+++ b/tests/phpunit/tests/canonical.php
@ -206,6 +206,7 @@ class Tests_Canonical extends WP_Canonical_UnitTestCase {
 			array( '/?author=%d', '/author/canonical-author/' ),
 			// array( '/?author=%d&year=2008', '/2008/?author=3'),
 			// array( '/author/canonical-author/?year=2008', '/2008/?author=3'), // Either or, see previous testcase.
+			array( '/author/canonical-author/?author[1]=hello', '/author/canonical-author/?author[1]=hello', 60059 ),

 			// Feeds.
 			array( '/?feed=atom', '/feed/atom/' ),