sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Taxonomies: make sure taxonomy functions work correctly with taxonomy names with special characters

Browse Source 
The codex says that taxonomy names "should only contain lowercase letters and the underscore character", but that's not enforced. It's too late to enforce it, since some plugins haven't been following it and the official phpdoc doesn't mention this restriction.


git-svn-id: https://develop.svn.wordpress.org/trunk@37133 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Nikolay Bachiyski 2016-03-30 17:12:08 +00:00
parent 914df85ab4
commit c1c0759ab0
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/wp-includes/taxonomy.php
View File

@ -162,9 +162,9 @@ function get_taxonomies( $args = array(), $output = 'names', $operator = 'and' )
* Example:
*
* $taxonomies = get_object_taxonomies( 'post' );
*
*
* This results in:
*
*
* Array( 'category', 'post_tag' )
*
* @since 2.3.0
@ -747,7 +747,7 @@ function get_objects_in_term( $term_ids, $taxonomies, $args = array() ) {
$term_ids = array_map('intval', $term_ids );
$taxonomies = "'" . implode( "', '", $taxonomies ) . "'";
$taxonomies = "'" . implode( "', '", array_map( 'esc_sql', $taxonomies ) ) . "'";
$term_ids = "'" . implode( "', '", $term_ids ) . "'";
$object_ids = $wpdb->get_col("SELECT tr.object_id FROM $wpdb->term_relationships AS tr INNER JOIN $wpdb->term_taxonomy AS tt ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy IN ($taxonomies) AND tt.term_id IN ($term_ids) ORDER BY tr.object_id $order");
@ -952,7 +952,7 @@ function get_term_by( $field, $value, $taxonomy = '', $output = OBJECT, $filter
return $term;
}
$term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE $_field = %s $tax_clause LIMIT 1", $value ) );
$term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE $_field = %s", $value ) . " $tax_clause LIMIT 1" );
if ( ! $term )
return false;
@ -1357,7 +1357,7 @@ function get_terms( $args = array(), $deprecated = '' ) {
$where_conditions = array();
if ( $taxonomies ) {
$where_conditions[] = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";
$where_conditions[] = "tt.taxonomy IN ('" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "')";
}
$exclude = $args['exclude'];
@ -2544,7 +2544,7 @@ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) {
$taxonomy_array = $taxonomies;
$object_id_array = $object_ids;
$taxonomies = "'" . implode("', '", $taxonomies) . "'";
$taxonomies = "'" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "'";
$object_ids = implode(', ', $object_ids);
$select_this = '';