WordPress.org

Make WordPress Core

Ticket #11017: 11017.2.2.patch

File 11017.2.2.patch, 1.6 KB (added by ramiy, 4 years ago)

with parameter validation

  • author-template.php

     
    247247        global $wpdb; 
    248248 
    249249        $defaults = array( 
     250                'orderby' => 'display_name', 'order' => 'ASC',  
    250251                'optioncount' => false, 'exclude_admin' => true, 
    251252                'show_fullname' => false, 'hide_empty' => true, 
    252253                'feed' => '', 'feed_image' => '', 'feed_type' => '', 'echo' => true, 
     
    257258        extract($r, EXTR_SKIP); 
    258259        $return = ''; 
    259260 
     261        $_orderby = strtolower($orderby); 
     262        if ( 'login' == $_orderby || 'user_login' == $_orderby ) 
     263                $orderby = 'user_login'; 
     264        else if ( 'nicename' == $_orderby || 'user_nicename' == $_orderby ) 
     265                $orderby = 'user_nicename'; 
     266        else if ( 'display' == $_orderby || 'display_name' == $_orderby ) 
     267                $orderby = 'display_name'; 
     268        elseif ( empty($_orderby) || 'id' == $_orderby ) 
     269                $orderby = 'id'; 
     270 
     271        $orderby = apply_filters( 'get_terms_orderby', $orderby, $args ); 
     272 
    260273        /** @todo Move select to get_authors(). */ 
    261         $authors = $wpdb->get_results("SELECT ID, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY display_name"); 
     274        $authors = $wpdb->get_results("SELECT ID, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY $orderby $order"); 
    262275 
    263276        $author_count = array(); 
    264277        foreach ((array) $wpdb->get_results("SELECT DISTINCT post_author, COUNT(ID) AS count FROM $wpdb->posts WHERE post_type = 'post' AND " . get_private_posts_cap_sql( 'post' ) . " GROUP BY post_author") as $row) {