From ae6a847aacd2f0e256b4b3cc2d64f35bb66a49dc Mon Sep 17 00:00:00 2001
From: Anand Rajaram <anandrajaram21@gmail.com>
Date: Wed, 19 Nov 2025 21:46:31 +0530
Subject: [PATCH 1/3] refactor: replace direct SQL with WP_Query in
 redirect_guess_404_permalink()

---
 src/wp-includes/canonical.php | 59 ++++++++++++++++++++++++++++-------
 1 file changed, 48 insertions(+), 11 deletions(-)

diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php
index 9315ba7fb7ff9..4f6c3843b8dc2 100644
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@@ -972,10 +972,35 @@ function redirect_guess_404_permalink() {
 		 */
 		$strict_guess = apply_filters( 'strict_redirect_guess_404_permalink', false );
 
+		// Build WP_Query arguments.
+		$query_args = array(
+			'post_status'         => $publicly_viewable_statuses,
+			'posts_per_page'      => 1,
+			'no_found_rows'       => true,
+			'ignore_sticky_posts' => true,
+			'fields'              => 'ids',
+		);
+
+		// Handle strict vs. loose post_name matching.
 		if ( $strict_guess ) {
-			$where = $wpdb->prepare( 'post_name = %s', get_query_var( 'name' ) );
+			$query_args['name'] = get_query_var( 'name' );
 		} else {
-			$where = $wpdb->prepare( 'post_name LIKE %s', $wpdb->esc_like( get_query_var( 'name' ) ) . '%' );
+			// For loose matching (LIKE), we'll use a posts_where filter.
+			$post_name_for_filter = get_query_var( 'name' );
+
+			// Store the filter callback so we can remove it later.
+			$post_name_where_filter = function ( $where, $query ) use ( $post_name_for_filter, $wpdb ) {
+				// Only apply to our specific query.
+				if ( isset( $query->query_vars['redirect_guess_404'] ) && $query->query_vars['redirect_guess_404'] ) {
+					$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_name LIKE %s", $wpdb->esc_like( $post_name_for_filter ) . '%' );
+				}
+				return $where;
+			};
+
+			add_filter( 'posts_where', $post_name_where_filter, 10, 2 );
+
+			// Mark this query so our filter knows to apply the LIKE clause.
+			$query_args['redirect_guess_404'] = true;
 		}
 
 		// If any of post_type, year, monthnum, or day are set, use them to refine the query.
@@ -985,34 +1010,46 @@ function redirect_guess_404_permalink() {
 				if ( empty( $post_types ) ) {
 					return false;
 				}
-				$where .= " AND post_type IN ('" . join( "', '", esc_sql( get_query_var( 'post_type' ) ) ) . "')";
+				$query_args['post_type'] = $post_types;
 			} else {
 				if ( ! in_array( get_query_var( 'post_type' ), $publicly_viewable_post_types, true ) ) {
 					return false;
 				}
-				$where .= $wpdb->prepare( ' AND post_type = %s', get_query_var( 'post_type' ) );
+				$query_args['post_type'] = get_query_var( 'post_type' );
 			}
 		} else {
-			$where .= " AND post_type IN ('" . implode( "', '", esc_sql( $publicly_viewable_post_types ) ) . "')";
+			$query_args['post_type'] = $publicly_viewable_post_types;
 		}
 
+		// Handle date queries.
+		$date_query = array();
 		if ( get_query_var( 'year' ) ) {
-			$where .= $wpdb->prepare( ' AND YEAR(post_date) = %d', get_query_var( 'year' ) );
+			$date_query['year'] = get_query_var( 'year' );
 		}
 		if ( get_query_var( 'monthnum' ) ) {
-			$where .= $wpdb->prepare( ' AND MONTH(post_date) = %d', get_query_var( 'monthnum' ) );
+			$date_query['month'] = get_query_var( 'monthnum' );
 		}
 		if ( get_query_var( 'day' ) ) {
-			$where .= $wpdb->prepare( ' AND DAYOFMONTH(post_date) = %d', get_query_var( 'day' ) );
+			$date_query['day'] = get_query_var( 'day' );
 		}
+		if ( ! empty( $date_query ) ) {
+			$query_args['date_query'] = array( $date_query );
+		}
+
+		// Execute the query.
+		$query = new WP_Query( $query_args );
 
-		// phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
-		$post_id = $wpdb->get_var( "SELECT ID FROM $wpdb->posts WHERE $where AND post_status IN ('" . implode( "', '", esc_sql( $publicly_viewable_statuses ) ) . "')" );
+		// Clean up the filter if we added it (remove only our specific callback).
+		if ( ! $strict_guess && isset( $post_name_where_filter ) ) {
+			remove_filter( 'posts_where', $post_name_where_filter, 10 );
+		}
 
-		if ( ! $post_id ) {
+		if ( empty( $query->posts ) ) {
 			return false;
 		}
 
+		$post_id = $query->posts[0];
+
 		if ( get_query_var( 'feed' ) ) {
 			return get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) );
 		} elseif ( get_query_var( 'page' ) > 1 ) {

From ce90699085a5573338fcbcc338ef688426b1ee97 Mon Sep 17 00:00:00 2001
From: Anand Rajaram <anandrajaram21@gmail.com>
Date: Thu, 20 Nov 2025 14:40:43 +0530
Subject: [PATCH 2/3] perf: optimize wp query and remove superfluous comments

---
 src/wp-includes/canonical.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php
index 4f6c3843b8dc2..69232861bd904 100644
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@@ -972,13 +972,14 @@ function redirect_guess_404_permalink() {
 		 */
 		$strict_guess = apply_filters( 'strict_redirect_guess_404_permalink', false );
 
-		// Build WP_Query arguments.
 		$query_args = array(
-			'post_status'         => $publicly_viewable_statuses,
-			'posts_per_page'      => 1,
-			'no_found_rows'       => true,
-			'ignore_sticky_posts' => true,
-			'fields'              => 'ids',
+			'post_status'            => $publicly_viewable_statuses,
+			'posts_per_page'         => 1,
+			'no_found_rows'          => true,
+			'ignore_sticky_posts'    => true,
+			'update_post_meta_cache' => false,
+			'update_post_term_cache' => false,
+			'fields'                 => 'ids',
 		);
 
 		// Handle strict vs. loose post_name matching.
@@ -991,7 +992,7 @@ function redirect_guess_404_permalink() {
 			// Store the filter callback so we can remove it later.
 			$post_name_where_filter = function ( $where, $query ) use ( $post_name_for_filter, $wpdb ) {
 				// Only apply to our specific query.
-				if ( isset( $query->query_vars['redirect_guess_404'] ) && $query->query_vars['redirect_guess_404'] ) {
+				if ( isset( $query->query_vars['redirect_guess_404'] ) ) {
 					$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_name LIKE %s", $wpdb->esc_like( $post_name_for_filter ) . '%' );
 				}
 				return $where;
@@ -1036,7 +1037,6 @@ function redirect_guess_404_permalink() {
 			$query_args['date_query'] = array( $date_query );
 		}
 
-		// Execute the query.
 		$query = new WP_Query( $query_args );
 
 		// Clean up the filter if we added it (remove only our specific callback).

From 9b52804033ee0a8f1c907d2cc5b98dbdc3dd1545 Mon Sep 17 00:00:00 2001
From: Anand Rajaram <anandrajaram21@gmail.com>
Date: Fri, 21 Nov 2025 13:24:01 +0530
Subject: [PATCH 3/3] chore: change filter function to a static function

---
 src/wp-includes/canonical.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php
index 69232861bd904..865e1d15cece9 100644
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@@ -990,7 +990,7 @@ function redirect_guess_404_permalink() {
 			$post_name_for_filter = get_query_var( 'name' );
 
 			// Store the filter callback so we can remove it later.
-			$post_name_where_filter = function ( $where, $query ) use ( $post_name_for_filter, $wpdb ) {
+			$post_name_where_filter = static function ( $where, $query ) use ( $post_name_for_filter, $wpdb ) {
 				// Only apply to our specific query.
 				if ( isset( $query->query_vars['redirect_guess_404'] ) ) {
 					$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_name LIKE %s", $wpdb->esc_like( $post_name_for_filter ) . '%' );