WordPress.org

Make WordPress Core

Ticket #16282: strict.16282.diff

File strict.16282.diff, 1.3 KB (added by scribu, 7 years ago)

Only allow exact slug matches (untested)

  • wp-includes/taxonomy.php

     
    877877        if ( ! taxonomy_exists($taxonomy) )
    878878                return false;
    879879
     880        if ( empty($value) )
     881                return false;
     882
    880883        if ( 'slug' == $field ) {
    881884                $field = 't.slug';
    882                 $value = sanitize_title_for_query($value);
    883                 if ( empty($value) )
    884                         return false;
    885885        } else if ( 'name' == $field ) {
    886886                // Assume already escaped
    887887                $value = stripslashes($value);
     
    28132813 * @uses apply_filters() For the post_tag Taxonomy, Calls 'tag_link' with tag link and tag ID as parameters.
    28142814 * @uses apply_filters() For the category Taxonomy, Calls 'category_link' filter on category link and category ID.
    28152815 *
    2816  * @param object|int|string $term
    2817  * @param string $taxonomy (optional if $term is object)
    2818  * @return string|WP_Error HTML link to taxonomy term archive on success, WP_Error if term does not exist.
     2816 * @param object|int|string $term Term object, term_id or slug.
     2817 * @param string $taxonomy Optional if $term is object.
     2818 * @return string|WP_Error URL to taxonomy term archive on success, WP_Error if term not found.
    28192819 */
    28202820function get_term_link( $term, $taxonomy = '') {
    28212821        global $wp_rewrite;