Ticket #16854: 16854.2.patch
| File 16854.2.patch, 3.0 KB (added by , 13 years ago) |
|---|
-
wp-includes/query.php
1387 1387 , 'tag' 1388 1388 , 'cat' 1389 1389 , 'tag_id' 1390 , 'author' 1390 1391 , 'author_name' 1391 1392 , 'feed' 1392 1393 , 'tb' … … 1406 1407 } 1407 1408 1408 1409 $array_keys = array('category__in', 'category__not_in', 'category__and', 'post__in', 'post__not_in', 1409 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and'); 1410 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 1411 'author__in', 'author__not_in'); 1410 1412 1411 1413 foreach ( $array_keys as $key ) { 1412 1414 if ( !isset($array[$key]) ) … … 1447 1449 $qv['m'] = absint($qv['m']); 1448 1450 $qv['paged'] = absint($qv['paged']); 1449 1451 $qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // comma separated list of positive or negative integers 1452 $qv['author'] = preg_replace( '|[^0-9,-]|', '', $qv['author'] ); // comma separated list of positive or negative integers 1450 1453 $qv['pagename'] = trim( $qv['pagename'] ); 1451 1454 $qv['name'] = trim( $qv['name'] ); 1452 1455 if ( '' !== $qv['hour'] ) $qv['hour'] = absint($qv['hour']); … … 2269 2272 2270 2273 // Author/user stuff 2271 2274 2272 if ( empty($q['author']) || ($q['author'] == '0') ) { 2273 $whichauthor = ''; 2274 } else { 2275 $q['author'] = (string)urldecode($q['author']); 2275 if ( !empty($q['author']) && '0' != $q['author'] ) { 2276 $q['author'] = ''.urldecode($q['author']).''; 2276 2277 $q['author'] = addslashes_gpc($q['author']); 2277 if ( strpos($q['author'], '-') !== false ) { 2278 $eq = '!='; 2279 $andor = 'AND'; 2280 $q['author'] = explode('-', $q['author']); 2281 $q['author'] = (string)absint($q['author'][1]); 2282 } else { 2283 $eq = '='; 2284 $andor = 'OR'; 2278 $author_array = preg_split('/[,\s]+/', $q['author']); 2279 $q['author'] = ''; 2280 $req_authors = array(); 2281 foreach ( (array) $author_array as $author) { 2282 $author = intval($author); 2283 $req_authors[] = $author; 2284 $in = ($author > 0); 2285 $author = abs($author); 2286 if ( $in ) { 2287 $q['author__in'][] = $author; 2288 } else { 2289 $q['author__not_in'][] = $author; 2290 } 2285 2291 } 2286 $author_array = preg_split('/[,\s]+/', $q['author']); 2287 $_author_array = array(); 2288 foreach ( $author_array as $key => $_author ) 2289 $_author_array[] = "$wpdb->posts.post_author " . $eq . ' ' . absint($_author); 2290 $whichauthor .= ' AND (' . implode(" $andor ", $_author_array) . ')'; 2291 unset($author_array, $_author_array); 2292 $q['author'] = implode(',', $req_authors); 2292 2293 } 2293 2294 2295 if ( !empty($q['author__in']) ) { 2296 $author__in = implode(',', array_map( 'absint', array_unique( (array) $q['author__in'] ) )); 2297 $where .= " AND {$wpdb->posts}.post_author IN ($author__in)"; 2298 } 2299 2300 if ( !empty($q['author__not_in']) ) { 2301 $author__not_in = implode(',', array_map( 'absint', array_unique( (array) $q['author__not_in'] ) )); 2302 $where .= " AND {$wpdb->posts}.post_author NOT IN ($author__not_in)"; 2303 } 2304 2294 2305 // Author stuff for nice URLs 2295 2306 2296 2307 if ( '' != $q['author_name'] ) {