Oxaric’s Blog

A compendium of amazing things…


WordPress Category Rename Bug

Posted by oxaric on November 15, 2008

I’ve run across a bug in WordPress. Each post made in a WordPress blog can be given a category. You can create new categories, delete old ones, change category names, and build relationships between categories. I was editing the category name of my first post when I stumbled upon a bug, presumably in the WordPress category handling.





Here is the setup:
  • Using Firefox 3.0.3
  • Started with these categories:
    • Personal Thoughts {{UNDELETABLE}}
    • Linux
    • Tips
    • Programming -> scripts
    • Programming -> sourcecode


Here are the steps:

  1. In Firefox I opened up a tab with the WordPress ‘Edit Post’ page. This post had no previous category selected.
  2. In another tab, I opened up the WordPress ‘Manage Categories’ page.
  3. On the ‘Edit Post’ page I selected the category ‘Personal Thoughts’ but I did not save the changes.
  4. I then went to the ‘Manage Categories’ page, selected the ‘Personal Thoughts’ category, changed its title to ‘Personal Post’ and saved the changes.
  5. Lastly, I went back to the ‘Edit Post’ page and saved the changes to the post.



The problem:
At first everything seemed to work correctly. The changes made to the post were saved and I didn’t notice anything wrong until after refreshing the ‘Manage Categories’ page.


I found:

  • Two new categories created ‘1481’ and ‘656’.
  • Two categories titled ‘Programming’ and ‘source code’ were both deleted.
  • The default post is now deletable.



What exactly happened:
Without spending a lot of time delving into the WordPress software I couldn’t be accurate in what exactly happened.


What I believe happened:
After taking a cursory look into the ‘Edit Post’ page source code, I see that the client side software is using Ajax and appears to be set up to send the server the selected categories for each post as a number.


Most likely when I changed the title of the category from ‘Personal Thoughts’ to ‘Personal Post’ the ID of the category changed. For example, the category named ‘Personal Thoughts’ was given the category ID 15672. When I changed the category title to ‘Personal Post’ the category ID was changed to 19483. The problem being that in the ‘Edit Post’ tab the Ajax code still was hard coded with the category having ID 15672.


When I saved the changes to the post the Ajax code sent the number 15672 as the ID of the category I wanted for the post. Both the server side and client side software are not checking to make sure the category ID is valid. But the blame lies solely with the server side software. It doesn’t account for receiving a category ID that doesn’t exist and this somehow messed up its intended behavior causing it to create some strange things in the database.


What I would change:
It might make for a slower save but I would make the Ajax code query the server side software whenever I was trying to save the post and determine if my blog’s information changed at all since the page loaded. If there were changes made to the blog then the server side should send the new information to the Ajax code and force an update to whatever information changed. This would work well in 99% of cases but for the 1% it would be necessary to have the server side software also check to see if the category ID exists and if not then send an error code to the Ajax software and display a message to the user that the categories have changed and ask them to choose from the new list.
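
The check proposed above, sketched as an added example that is not part of the original post and is not WordPress code. It models the server side in plain JavaScript: every name (`createStore`, `savePost`, the error codes, the `revision` counter) is an assumption made for illustration, and the IDs 15672 and 19483 are the example values from the post.

```javascript
// Model of a server-side "save post" handler (hypothetical names; not WordPress code).
// IDs from the browser are untrusted: check type, existence, and list freshness.

function createStore() {
  // Constructed sample data; 15672 is the example ID used in the post above.
  return { revision: 1, categories: new Map([[15672, 'Personal Thoughts'], [2, 'Linux']]), posts: new Map() };
}

// What the 'Edit Post' page receives when it loads: the list plus its revision.
function renderEditForm(store) {
  return { revision: store.revision, categories: [...store.categories] };
}

// Any category change bumps the revision. This models the post's hypothesis
// that the edited category ends up under a different ID.
function replaceCategory(store, oldId, newId, newName) {
  store.categories.delete(oldId);
  store.categories.set(newId, newName);
  store.revision += 1;
}

function savePost(store, { postId, categoryIds, seenRevision }) {
  const fresh = () => renderEditForm(store);
  // 1. Strict type check: only positive integers, no coercion of "12abc" or "".
  if (!Array.isArray(categoryIds) || !categoryIds.every((id) => Number.isInteger(id) && id > 0)) {
    return { ok: false, code: 'INVALID_CATEGORY_ID', ...fresh() };
  }
  // 2. Existence check: an unknown ID is an error, never a reason to create a row.
  const unknown = categoryIds.filter((id) => !store.categories.has(id));
  if (unknown.length > 0) {
    return { ok: false, code: 'UNKNOWN_CATEGORY', unknown, ...fresh() };
  }
  // 3. Staleness check: the form was built from an older list, so ask the user to re-pick.
  if (seenRevision !== store.revision) {
    return { ok: false, code: 'STALE_CATEGORIES', ...fresh() };
  }
  store.posts.set(postId, [...new Set(categoryIds)]);
  return { ok: true };
}

// Replays the two-tab sequence from the post and returns each server response.
function replayTwoTabScenario() {
  const store = createStore();
  const form = renderEditForm(store);                     // tab 1: 'Edit Post' loads
  replaceCategory(store, 15672, 19483, 'Personal Post');  // tab 2: category edited
  const stale = savePost(store, { postId: 1, categoryIds: [15672], seenRevision: form.revision });
  const retry = savePost(store, { postId: 1, categoryIds: [19483], seenRevision: stale.revision });
  return { stale, retry, categoryCount: store.categories.size, saved: store.posts.get(1) };
}
```

Every rejection carries the current category list and revision, so the Ajax code can redraw the checkboxes and ask the user to choose again; the category table is never written to from the save path.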





If a bug like this can rear its head I feel there must be a lot of issues in the WordPress server side software with sanitizing and verifying input data. I worry about this because any bugs will leave holes open for hackers attempting to penetrate the WordPress database to get to lots of passwords!


No matter what exactly happened this type of error should not occur. Especially when software is facing the internet it must be top priority to maintain secure and proper input.


I’m disappointed, WordPress. :)

