From c8cc44523c5b2b8334d7c8eb2ca2dfe2a62f2cdc Mon Sep 17 00:00:00 2001
From: Vedanshu Jain <vedanshu.jain.2012@gmail.com>
Date: Tue, 5 Sep 2023 11:22:33 +0530
Subject: [PATCH 1/2] Avoing string to int comparison and add the id clause
 only when available.

---
 plugins/woocommerce/includes/wc-user-functions.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/plugins/woocommerce/includes/wc-user-functions.php b/plugins/woocommerce/includes/wc-user-functions.php
index 3e55a72ecef..cad80967219 100644
--- a/plugins/woocommerce/includes/wc-user-functions.php
+++ b/plugins/woocommerce/includes/wc-user-functions.php
@@ -362,6 +362,10 @@ function wc_customer_bought_product( $customer_email, $user_id, $product_id ) {
 				$statuses
 			);
 			$order_table = OrdersTableDataStore::get_orders_table_name();
+			$user_id_clause = '';
+			if ( $user_id ) {
+				$user_id_clause = 'OR o.customer_id = ' . absint( $user_id );
+			}
 			$sql = "
 SELECT im.meta_value FROM $order_table AS o
 INNER JOIN {$wpdb->prefix}woocommerce_order_items AS i ON o.id = i.order_id
@@ -369,8 +373,7 @@ INNER JOIN {$wpdb->prefix}woocommerce_order_itemmeta AS im ON i.order_item_id =
 WHERE o.status IN ('" . implode( "','", $statuses ) . "')
 AND im.meta_key IN ('_product_id', '_variation_id' )
 AND im.meta_value != 0
-AND ( o.customer_id IN ('" . implode( "','", $customer_data ) . "') OR o.billing_email IN ('" . implode( "','", $customer_data ) . "') )
-
+AND ( o.billing_email IN ('" . implode( "','", $customer_data ) . "') $user_id_clause )
 ";
 			$result = $wpdb->get_col( $sql );
 		} else {

From 5a22751aa153087bd1f06bdf999a4d2e912d8e16 Mon Sep 17 00:00:00 2001
From: Vedanshu Jain <vedanshu.jain.2012@gmail.com>
Date: Tue, 5 Sep 2023 11:47:28 +0530
Subject: [PATCH 2/2] Add unit test + changelog.

---
 .../woocommerce/changelog/fix-cust_bought_product_query_cache | 4 ++++
 .../woocommerce/tests/php/includes/wc-user-functions-test.php | 4 ++++
 2 files changed, 8 insertions(+)
 create mode 100644 plugins/woocommerce/changelog/fix-cust_bought_product_query_cache

diff --git a/plugins/woocommerce/changelog/fix-cust_bought_product_query_cache b/plugins/woocommerce/changelog/fix-cust_bought_product_query_cache
new file mode 100644
index 00000000000..4a0b1b5062d
--- /dev/null
+++ b/plugins/woocommerce/changelog/fix-cust_bought_product_query_cache
@@ -0,0 +1,4 @@
+Significance: patch
+Type: fix
+
+Avoid string<>int comparison in products bought query to avoid results with customer_id = 0.
diff --git a/plugins/woocommerce/tests/php/includes/wc-user-functions-test.php b/plugins/woocommerce/tests/php/includes/wc-user-functions-test.php
index f016055a4d3..a2149955f27 100644
--- a/plugins/woocommerce/tests/php/includes/wc-user-functions-test.php
+++ b/plugins/woocommerce/tests/php/includes/wc-user-functions-test.php
@@ -51,6 +51,10 @@ class WC_User_Functions_Tests extends WC_Unit_Test_Case {
 		$order_3->set_billing_email( 'test@example.com' );
 		$order_3->set_status( 'pending' );
 		$order_3->save();
+		$order_4 = wc_create_order();
+		$order_4->add_product( $product_1 );
+		$order_4->set_status( 'completed' );
+		$order_4->save();
 
 		$this->assertTrue( wc_customer_bought_product( 'test@example.com', $customer_id_1, $product_id_1 ) );
 		$this->assertTrue( wc_customer_bought_product( '', $customer_id_1, $product_id_1 ) );