Support » Plugin: Relevanssi - A Better Search » Does’t index custom post types from version 4.0

  • Resolved Oleksandr


    Database contains some posts with custom status and this status doesn’t registered in wp.
    From version 4 posts with this statuses excluded from index when i start rebuild the index.

    add_filter('relevanssi_valid_status', 'rlv_add__valid_status');
    	function rlv_add__valid_status( $index_statuses ) {
    		$index_statuses[] = "closed";
    		$index_statuses[] = "private_manual"; // Not registered post type, but require for include in search
    		/*  admin-logout for exclude some private info from post */
    		if( current_user_can( 'manage_options') ) {
    			global $pagenow;
    			if( $pagenow == 'options-general.php' && $_GET[ 'page'] == 'relevanssi/relevanssi.php' ){
    				global $current_user;
    				$current_user = null;
    				wp_set_current_user( 0 );
    		return $index_statuses;
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Mikko Saari


    Have you registered those posts statuses? If you run get_post_stati(), your additions are in the list? Relevanssi checks the custom statuses against that list.

    I’ll look into this, I have a site where I use custom statuses, I can test this there. I’ll get back to you.

    • This reply was modified 2 years, 7 months ago by Mikko Saari.
    Plugin Author Mikko Saari


    Ok, found it. There’s a small bug in Relevanssi.

    In lib/indexing.php, edit the function relevanssi_valid_status_array(). Line

    $post_stati = get_post_stati( array(), 'names' );

    should be

    $post_stati = array_keys( get_post_stati( array(), 'names' ) );

    Then the custom post statuses should work.

    The post type “private_manual” doesn’t registered and doesn’t visible for get_post_stati function.
    But I think a verification for exists statueses is absolutely superfluous.

    Plugin Author Mikko Saari


    It’s a safety feature. If you look at it from the other direction – why should anything else but registered post statuses be allowed there? If there’s no validation, that’s a way to do MySQL injection attacks, and comparing against registered statuses seems to me a pretty good way of validation.

    How are you using custom post statuses, if you’re not registering them with WP? Just setting the post_status manually? Is there a reason why you can’t just register the status?

    that’s a way to do MySQL injection attacks

    I think if anyone can access to code (like write a function ‘add_filter(…)’) he also can write some code like ‘drop table …’ so this validation looks as superfluous.
    Ok – I understand a problem and close the ticket.
    Thanks fro great plugin.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Does’t index custom post types from version 4.0’ is closed to new replies.