Ticket #9591: 9591.2.diff
| File 9591.2.diff, 4.0 KB (added by scribu, 3 years ago) |
|---|
-
wp-includes/taxonomy.php
534 534 case 'slug': 535 535 case 'name': 536 536 foreach ( $terms as $i => $term ) { 537 $terms[$i] = sanitize_t erm_field('slug', $term, 0, $taxonomy, 'db');537 $terms[$i] = sanitize_title_for_query($term); 538 538 } 539 539 $terms = array_filter($terms); 540 540 -
wp-includes/query.php
1786 1786 } 1787 1787 1788 1788 if ( '' != $q['name'] ) { 1789 $q['name'] = sanitize_title ($q['name']);1789 $q['name'] = sanitize_title_for_query($q['name']); 1790 1790 $where .= " AND $wpdb->posts.post_name = '" . $q['name'] . "'"; 1791 1791 } elseif ( '' != $q['pagename'] ) { 1792 1792 if ( isset($this->queried_object_id) ) { … … 1814 1814 1815 1815 $page_for_posts = get_option('page_for_posts'); 1816 1816 if ( ('page' != get_option('show_on_front') ) || empty($page_for_posts) || ( $reqpage != $page_for_posts ) ) { 1817 $q['pagename'] = str_replace('%2F', '/', urlencode(urldecode($q['pagename'])));1818 1817 $page_paths = '/' . trim($q['pagename'], '/'); 1819 $q['pagename'] = sanitize_title (basename($page_paths));1818 $q['pagename'] = sanitize_title_for_query(basename($page_paths)); 1820 1819 $q['name'] = $q['pagename']; 1821 1820 $where .= " AND ($wpdb->posts.ID = '$reqpage')"; 1822 1821 $reqpage_obj = get_page($reqpage); … … 1828 1827 } 1829 1828 } 1830 1829 } elseif ( '' != $q['attachment'] ) { 1831 $q['attachment'] = str_replace('%2F', '/', urlencode(urldecode($q['attachment'])));1832 1830 $attach_paths = '/' . trim($q['attachment'], '/'); 1833 $q['attachment'] = sanitize_title (basename($attach_paths));1831 $q['attachment'] = sanitize_title_for_query(basename($attach_paths)); 1834 1832 $q['name'] = $q['attachment']; 1835 1833 $where .= " AND $wpdb->posts.post_name = '" . $q['attachment'] . "'"; 1836 1834 } … … 1963 1961 $q['author_name'] = $q['author_name'][count($q['author_name'])-2]; // there was a trailling slash 1964 1962 } 1965 1963 } 1966 $q['author_name'] = sanitize_title ($q['author_name']);1964 $q['author_name'] = sanitize_title_for_query($q['author_name']); 1967 1965 $q['author'] = get_user_by('slug', $q['author_name']); 1968 1966 if ( $q['author'] ) 1969 1967 $q['author'] = $q['author']->ID; -
wp-includes/formatting.php
628 628 chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z', 629 629 chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z', 630 630 chr(197).chr(190) => 'z', chr(197).chr(191) => 's', 631 chr(200).chr(153) => 's', chr(200).chr(155) => 't', 631 632 // Euro Sign 632 633 chr(226).chr(130).chr(172) => 'E', 633 634 // GBP (Pound) Sign … … 783 784 * 784 785 * @param string $title The string to be sanitized. 785 786 * @param string $fallback_title Optional. A title to use if $title is empty. 787 * @param string $context Optional. The operation for which the string is sanitized 786 788 * @return string The sanitized string. 787 789 */ 788 function sanitize_title($title, $fallback_title = '' ) {790 function sanitize_title($title, $fallback_title = '', $context = 'save') { 789 791 $raw_title = $title; 790 $title = strip_tags($title);791 $title = apply_filters('sanitize_title', $title, $raw_title);792 792 793 if ( 'save' == $context ) 794 $title = remove_accents($title); 795 796 $title = apply_filters('sanitize_title', $title, $raw_title, $context); 797 793 798 if ( '' === $title || false === $title ) 794 799 $title = $fallback_title; 795 800 796 801 return $title; 797 802 } 798 803 804 function sanitize_title_for_query($title) { 805 return sanitize_title($title, '', 'query'); 806 } 807 799 808 /** 800 809 * Sanitizes title, replacing whitespace with dashes. 801 810 * … … 816 825 // Restore octets. 817 826 $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); 818 827 819 $title = remove_accents($title);820 828 if (seems_utf8($title)) { 821 829 if (function_exists('mb_strtolower')) { 822 830 $title = mb_strtolower($title, 'UTF-8');
