Query: Ensure that queries work correctly with post type names with special characters.

git-svn-id: https://develop.svn.wordpress.org/trunk@39952 602fd350-edb4-49c9-b593-d223f7449a82
Dominik Schilling (ocean90) 2017-01-26 13:32:24 +00:00
parent 8f4e0b7ed8
commit d2374614c2
1 changed files with 3 additions and 3 deletions


@ -2257,12 +2257,12 @@ class WP_Query {
if ( empty( $in_search_post_types ) ) { if ( empty( $in_search_post_types ) ) {
$where .= ' AND 1=0 '; $where .= ' AND 1=0 ';
} else { } else {
$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $in_search_post_types ) . "')"; $where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')";
} }
} elseif ( !empty( $post_type ) && is_array( $post_type ) ) { } elseif ( !empty( $post_type ) && is_array( $post_type ) ) {
$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $post_type) . "')"; $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", esc_sql( $post_type ) ) . "')";
} elseif ( ! empty( $post_type ) ) { } elseif ( ! empty( $post_type ) ) {
$where .= " AND {$wpdb->posts}.post_type = '$post_type'"; $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type );
$post_type_object = get_post_type_object ( $post_type ); $post_type_object = get_post_type_object ( $post_type );
} elseif ( $this->is_attachment ) { } elseif ( $this->is_attachment ) {
$where .= " AND {$wpdb->posts}.post_type = 'attachment'"; $where .= " AND {$wpdb->posts}.post_type = 'attachment'";
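Review bot: The two `IN (...)` branches escape the same kind of list in two different ways: the search branch uses `array_map( 'esc_sql', $in_search_post_types )`, while the `is_array( $post_type )` branch passes the whole array to `esc_sql( $post_type )`. `esc_sql()` accepts arrays, so both produce escaped values, but using one form in both places makes the escaping easier to audit, for example `join( "', '", array_map( 'esc_sql', $post_type ) )`. Both branches are only safe because every value is emitted between single quotes, which deserves a short comment such as `// esc_sql() output must stay inside the quoted IN list.` The commit record shows a single changed file, so no regression test for post type names containing quotes or other special characters appears to accompany the change. The surrounding if/elseif chain starts and ends outside this hunk.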