Ticket #17737: 17737.6.diff
File 17737.6.diff, 2.9 KB (added by , 5 years ago) |
src/wp-includes/class-wp-query.php
754 754 $qv['p'] = intval( $qv['p'] ); 755 755 } 756 756 757 $qv['page_id'] = absint( $qv['page_id'] );758 $qv['year'] = absint( $qv['year'] );759 $qv['monthnum'] = absint( $qv['monthnum'] );760 $qv['day'] = absint( $qv['day'] );761 $qv['w'] = absint( $qv['w'] );757 $qv['page_id'] = is_scalar( $qv['page_id'] ) ? absint( $qv['page_id'] ) : 0; 758 $qv['year'] = is_scalar( $qv['year'] ) ? absint( $qv['year'] ) : 0; 759 $qv['monthnum'] = is_scalar( $qv['monthnum'] ) ? absint( $qv['monthnum'] ) : 0; 760 $qv['day'] = is_scalar( $qv['day'] ) ? absint( $qv['day'] ) : 0; 761 $qv['w'] = is_scalar( $qv['w'] ) ? absint( $qv['w'] ) : 0; 762 762 $qv['m'] = is_scalar( $qv['m'] ) ? preg_replace( '|[^0-9]|', '', $qv['m'] ) : ''; 763 $qv['paged'] = absint( $qv['paged'] );763 $qv['paged'] = is_scalar( $qv['paged'] ) ? absint( $qv['paged'] ) : 0; 764 764 $qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // comma separated list of positive or negative integers 765 765 $qv['author'] = preg_replace( '|[^0-9,-]|', '', $qv['author'] ); // comma separated list of positive or negative integers 766 $qv['pagename'] = trim( $qv['pagename'] );767 $qv['name'] = trim( $qv['name'] );768 $qv['title'] = trim( $qv['title'] );769 if ( '' !== $qv['hour'] ) {766 $qv['pagename'] = is_scalar( $qv['pagename'] ) ? trim( $qv['pagename'] ) : ''; 767 $qv['name'] = is_scalar( $qv['name'] ) ? trim( $qv['name'] ) : ''; 768 $qv['title'] = is_scalar( $qv['title'] ) ? 
trim( $qv['title'] ) : ''; 769 if ( is_scalar( $qv['hour'] ) && '' !== $qv['hour'] ) { 770 770 $qv['hour'] = absint( $qv['hour'] ); 771 771 } 772 if ( '' !== $qv['minute'] ) {772 if ( is_scalar( $qv['minute'] ) && '' !== $qv['minute'] ) { 773 773 $qv['minute'] = absint( $qv['minute'] ); 774 774 } 775 if ( '' !== $qv['second'] ) {775 if ( is_scalar( $qv['second'] ) && '' !== $qv['second'] ) { 776 776 $qv['second'] = absint( $qv['second'] ); 777 777 } 778 if ( '' !== $qv['menu_order'] ) {778 if ( is_scalar( $qv['menu_order'] ) && '' !== $qv['menu_order'] ) { 779 779 $qv['menu_order'] = absint( $qv['menu_order'] ); 780 780 } 781 781 … … 785 785 } 786 786 787 787 // Compat. Map subpost to attachment. 788 if ( '' != $qv['subpost'] ) {788 if ( is_scalar( $qv['subpost'] ) && '' != $qv['subpost'] ) { 789 789 $qv['attachment'] = $qv['subpost']; 790 790 } 791 if ( '' != $qv['subpost_id'] ) {791 if ( is_scalar( $qv['subpost_id'] ) && '' != $qv['subpost_id'] ) { 792 792 $qv['attachment_id'] = $qv['subpost_id']; 793 793 } 794 794 795 $qv['attachment_id'] = absint( $qv['attachment_id'] );795 $qv['attachment_id'] = is_scalar( $qv['attachment_id'] ) ? absint( $qv['attachment_id'] ) : 0; 796 796 797 797 if ( ( '' != $qv['attachment'] ) || ! empty( $qv['attachment_id'] ) ) { 798 798 $this->is_single = true;
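Review bot: At new lines 769–779 the `is_scalar()` guard only skips the `absint()` call, so an array-valued `hour`, `minute`, `second` or `menu_order` stays in `$qv` unchanged, whereas the assignments at 757–768 reset a non-scalar to `0` or `''`. Normalising these the same way would keep array values (presumably request-supplied) from reaching later code, e.g. `if ( ! is_scalar( $qv['hour'] ) ) { $qv['hour'] = ''; }` ahead of each check. The context lines for `cat` and `author` (764–765) and the `'' != $qv['attachment']` test at 797 are also still unguarded: `preg_replace()` returns an array for an array subject, and an array compares unequal to `''`, so `is_single` would still be set. The enclosing method begins and ends outside the visible hunks, so whether later code tolerates these values cannot be confirmed from here.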