Ticket #15437: 15437.diff
| File 15437.diff, 1.7 KB (added by nacin, 3 years ago) |
|---|
-
wp-admin/admin-ajax.php
66 66 die( '0' ); 67 67 break; 68 68 case 'ajax-tag-search' : 69 if ( !current_user_can( 'edit_posts' ) ) 70 die('-1'); 69 if ( isset( $_GET['tax'] ) ) { 70 $taxonomy = sanitize_key( $_GET['tax'] ); 71 $tax = get_taxonomy( $taxonomy ); 72 if ( ! $tax ) 73 die( '0' ); 74 if ( ! current_user_can( $tax->cap->assign_terms ) ) 75 die( '-1' ); 76 } else { 77 die('0'); 78 } 71 79 72 80 $s = $_GET['q']; // is this slashed already? 73 81 74 if ( isset($_GET['tax']) )75 $taxonomy = sanitize_title($_GET['tax']);76 else77 die('0');78 79 82 if ( false !== strpos( $s, ',' ) ) { 80 83 $s = explode( ',', $s ); 81 84 $s = $s[count( $s ) - 1]; … … 547 550 $x->send(); 548 551 break; 549 552 case 'get-tagcloud' : 550 if ( !current_user_can( 'edit_posts' ) ) 551 die('-1'); 552 553 if ( isset($_POST['tax']) ) 554 $taxonomy = sanitize_title($_POST['tax']); 555 else 553 if ( isset( $_POST['tax'] ) ) { 554 $taxonomy = sanitize_key( $_POST['tax'] ); 555 $tax = get_taxonomy( $taxonomy ); 556 if ( ! $tax ) 557 die( '0' ); 558 if ( ! current_user_can( $tax->cap->assign_terms ) ) 559 die( '-1' ); 560 } else { 556 561 die('0'); 562 } 557 563 558 564 $tags = get_terms( $taxonomy, array( 'number' => 45, 'orderby' => 'count', 'order' => 'DESC' ) ); 559 565 560 if ( empty( $tags ) ) { 561 $tax = get_taxonomy( $taxonomy ); 566 if ( empty( $tags ) ) 562 567 die( isset( $tax->no_tagcloud ) ? $tax->no_tagcloud : __('No tags found!') ); 563 }564 568 565 if ( is_wp_error( $tags) )566 die( $tags->get_error_message());569 if ( is_wp_error( $tags ) ) 570 die( $tags->get_error_message() ); 567 571 568 572 foreach ( $tags as $key => $tag ) { 569 573 $tags[ $key ]->link = '#';
