diff --git a/src/wp-includes/class-wp-query.php b/src/wp-includes/class-wp-query.php
index c5cfdcc035..cabdb91665 100644
a
|
b
|
class WP_Query { |
769 | 769 | $qv['p'] = (int) $qv['p']; |
770 | 770 | } |
771 | 771 | |
772 | | $qv['page_id'] = absint( $qv['page_id'] ); |
773 | | $qv['year'] = absint( $qv['year'] ); |
774 | | $qv['monthnum'] = absint( $qv['monthnum'] ); |
775 | | $qv['day'] = absint( $qv['day'] ); |
776 | | $qv['w'] = absint( $qv['w'] ); |
| 772 | $qv['page_id'] = is_scalar( $qv['page_id'] ) ? absint( $qv['page_id'] ) : 0; |
| 773 | $qv['year'] = is_scalar( $qv['year'] ) ? absint( $qv['year'] ) : 0; |
| 774 | $qv['monthnum'] = is_scalar( $qv['monthnum'] ) ? absint( $qv['monthnum'] ) : 0; |
| 775 | $qv['day'] = is_scalar( $qv['day'] ) ? absint( $qv['day'] ) : 0; |
| 776 | $qv['w'] = is_scalar( $qv['w'] ) ? absint( $qv['w'] ) : 0; |
777 | 777 | $qv['m'] = is_scalar( $qv['m'] ) ? preg_replace( '|[^0-9]|', '', $qv['m'] ) : ''; |
778 | | $qv['paged'] = absint( $qv['paged'] ); |
| 778 | $qv['paged'] = is_scalar( $qv['paged'] ) ? absint( $qv['paged'] ) : 0; |
779 | 779 | $qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // Comma-separated list of positive or negative integers. |
780 | | $qv['author'] = preg_replace( '|[^0-9,-]|', '', $qv['author'] ); // Comma-separated list of positive or negative integers. |
781 | | $qv['pagename'] = trim( $qv['pagename'] ); |
782 | | $qv['name'] = trim( $qv['name'] ); |
783 | | $qv['title'] = trim( $qv['title'] ); |
784 | | if ( '' !== $qv['hour'] ) { |
| 780 | $qv['author'] = is_scalar( $qv['author'] ) ? preg_replace( '|[^0-9,-]|', '', $qv['author'] ) : ''; |
| 781 | $qv['pagename'] = is_scalar( $qv['pagename'] ) ? trim( $qv['pagename'] ) : ''; |
| 782 | $qv['name'] = is_scalar( $qv['name'] ) ? trim( $qv['name'] ) : ''; |
| 783 | $qv['title'] = is_scalar( $qv['title'] ) ? trim( $qv['title'] ) : ''; |
| 784 | if ( is_scalar( $qv['hour'] ) && '' !== $qv['hour'] ) { |
785 | 785 | $qv['hour'] = absint( $qv['hour'] ); |
786 | 786 | } |
787 | | if ( '' !== $qv['minute'] ) { |
| 787 | if ( is_scalar( $qv['minute'] ) && '' !== $qv['minute'] ) { |
788 | 788 | $qv['minute'] = absint( $qv['minute'] ); |
789 | 789 | } |
790 | | if ( '' !== $qv['second'] ) { |
| 790 | if ( is_scalar( $qv['second'] ) && '' !== $qv['second'] ) { |
791 | 791 | $qv['second'] = absint( $qv['second'] ); |
792 | 792 | } |
793 | | if ( '' !== $qv['menu_order'] ) { |
| 793 | if ( is_scalar( $qv['menu_order'] ) && '' !== $qv['menu_order'] ) { |
794 | 794 | $qv['menu_order'] = absint( $qv['menu_order'] ); |
795 | 795 | } |
796 | 796 | |
… |
… |
class WP_Query { |
800 | 800 | } |
801 | 801 | |
802 | 802 | // Compat. Map subpost to attachment. |
803 | | if ( '' != $qv['subpost'] ) { |
| 803 | if ( is_scalar( $qv['subpost'] ) && '' != $qv['subpost'] ) { |
804 | 804 | $qv['attachment'] = $qv['subpost']; |
805 | 805 | } |
806 | | if ( '' != $qv['subpost_id'] ) { |
| 806 | if ( is_scalar( $qv['subpost_id'] ) && '' != $qv['subpost_id'] ) { |
807 | 807 | $qv['attachment_id'] = $qv['subpost_id']; |
808 | 808 | } |
809 | 809 | |
810 | | $qv['attachment_id'] = absint( $qv['attachment_id'] ); |
| 810 | $qv['attachment_id'] = is_scalar( $qv['attachment_id'] ) ? absint( $qv['attachment_id'] ) : 0; |
811 | 811 | |
812 | 812 | if ( ( '' !== $qv['attachment'] ) || ! empty( $qv['attachment_id'] ) ) { |
813 | 813 | $this->is_single = true; |