Ticket #9591: 9591.diff
| File 9591.diff, 5.5 KB (added by scribu, 2 years ago) |
|---|
-
wp-includes/query.php
1402 1402 if ( !is_array($qv['tag_slug__in']) || empty($qv['tag_slug__in']) ) { 1403 1403 $qv['tag_slug__in'] = array(); 1404 1404 } else { 1405 $qv['tag_slug__in'] = array_map('sanitize_title ', $qv['tag_slug__in']);1405 $qv['tag_slug__in'] = array_map('sanitize_title_for_query', $qv['tag_slug__in']); 1406 1406 $this->is_tag = true; 1407 1407 } 1408 1408 1409 1409 if ( !is_array($qv['tag_slug__and']) || empty($qv['tag_slug__and']) ) { 1410 1410 $qv['tag_slug__and'] = array(); 1411 1411 } else { 1412 $qv['tag_slug__and'] = array_map('sanitize_title ', $qv['tag_slug__and']);1412 $qv['tag_slug__and'] = array_map('sanitize_title_for_query', $qv['tag_slug__and']); 1413 1413 $this->is_tag = true; 1414 1414 } 1415 1415 … … 1707 1707 $where .= " AND DAYOFMONTH($wpdb->posts.post_date)='" . $q['day'] . "'"; 1708 1708 1709 1709 if ('' != $q['name']) { 1710 $q['name'] = sanitize_title ($q['name']);1710 $q['name'] = sanitize_title_for_query($q['name']); 1711 1711 $where .= " AND $wpdb->posts.post_name = '" . $q['name'] . "'"; 1712 1712 } else if ('' != $q['pagename']) { 1713 1713 if ( isset($this->queried_object_id) ) … … 1724 1724 if ( ('page' != get_option('show_on_front') ) || empty($page_for_posts) || ( $reqpage != $page_for_posts ) ) { 1725 1725 $q['pagename'] = str_replace('%2F', '/', urlencode(urldecode($q['pagename']))); 1726 1726 $page_paths = '/' . trim($q['pagename'], '/'); 1727 $q['pagename'] = sanitize_title (basename($page_paths));1727 $q['pagename'] = sanitize_title_for_query(basename($page_paths)); 1728 1728 $q['name'] = $q['pagename']; 1729 1729 $where .= " AND ($wpdb->posts.ID = '$reqpage')"; 1730 1730 $reqpage_obj = get_page($reqpage); … … 1737 1737 } elseif ('' != $q['attachment']) { 1738 1738 $q['attachment'] = str_replace('%2F', '/', urlencode(urldecode($q['attachment']))); 1739 1739 $attach_paths = '/' . trim($q['attachment'], '/'); 1740 $q['attachment'] = sanitize_title (basename($attach_paths));1740 $q['attachment'] = sanitize_title_for_query(basename($attach_paths)); 1741 1741 $q['name'] = $q['attachment']; 1742 1742 $where .= " AND $wpdb->posts.post_name = '" . $q['attachment'] . "'"; 1743 1743 } … … 1844 1844 1845 1845 // Category stuff for nice URLs 1846 1846 if ( '' != $q['category_name'] && !$this->is_singular ) { 1847 $q['category_name'] = implode('/', array_map('sanitize_title ', explode('/', $q['category_name'])));1847 $q['category_name'] = implode('/', array_map('sanitize_title_for_query', explode('/', $q['category_name']))); 1848 1848 $reqcat = get_category_by_path($q['category_name']); 1849 1849 $q['category_name'] = str_replace('%2F', '/', urlencode(urldecode($q['category_name']))); 1850 1850 $cat_paths = '/' . trim($q['category_name'], '/'); 1851 $q['category_name'] = sanitize_title (basename($cat_paths));1851 $q['category_name'] = sanitize_title_for_query(basename($cat_paths)); 1852 1852 1853 1853 $cat_paths = '/' . trim(urldecode($q['category_name']), '/'); 1854 $q['category_name'] = sanitize_title (basename($cat_paths));1854 $q['category_name'] = sanitize_title_for_query(basename($cat_paths)); 1855 1855 $cat_paths = explode('/', $cat_paths); 1856 1856 $cat_path = ''; 1857 1857 foreach ( (array) $cat_paths as $pathdir ) 1858 $cat_path .= ( $pathdir != '' ? '/' : '' ) . sanitize_title ($pathdir);1858 $cat_path .= ( $pathdir != '' ? '/' : '' ) . sanitize_title_for_query($pathdir); 1859 1859 1860 1860 //if we don't match the entire hierarchy fallback on just matching the nicename 1861 1861 if ( empty($reqcat) ) … … 2027 2027 $q['author_name'] = $q['author_name'][count($q['author_name'])-2];#there was a trailling slash 2028 2028 } 2029 2029 } 2030 $q['author_name'] = sanitize_title ($q['author_name']);2030 $q['author_name'] = sanitize_title_for_query($q['author_name']); 2031 2031 $q['author'] = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_nicename='".$q['author_name']."'"); 2032 2032 $q['author'] = get_user_by('slug', $q['author_name']); 2033 2033 if ( $q['author'] ) -
wp-includes/formatting.php
628 628 chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z', 629 629 chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z', 630 630 chr(197).chr(190) => 'z', chr(197).chr(191) => 's', 631 chr(200).chr(153) => 's', chr(200).chr(155) => 't', 631 632 // Euro Sign 632 633 chr(226).chr(130).chr(172) => 'E', 633 634 // GBP (Pound) Sign … … 761 762 * 762 763 * @param string $title The string to be sanitized. 763 764 * @param string $fallback_title Optional. A title to use if $title is empty. 765 * @param string $context Optional. The operation for which the string is sanitized 764 766 * @return string The sanitized string. 765 767 */ 766 function sanitize_title($title, $fallback_title = '' ) {768 function sanitize_title($title, $fallback_title = '', $context = 'save') { 767 769 $raw_title = $title; 768 $title = strip_tags($title);769 $title = apply_filters('sanitize_title', $title, $raw_title);770 770 771 if ( 'save' == $context ) 772 $title = remove_accents($title); 773 774 $title = apply_filters('sanitize_title', $title, $raw_title, $context); 775 771 776 if ( '' === $title || false === $title ) 772 777 $title = $fallback_title; 773 778 774 779 return $title; 775 780 } 776 781 782 function sanitize_title_for_query($title) { 783 return sanitize_title($title, '', 'query'); 784 } 785 777 786 /** 778 787 * Sanitizes title, replacing whitespace with dashes. 779 788 * … … 794 803 // Restore octets. 795 804 $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); 796 805 797 $title = remove_accents($title);798 806 if (seems_utf8($title)) { 799 807 if (function_exists('mb_strtolower')) { 800 808 $title = mb_strtolower($title, 'UTF-8');
