Ticket #35692: 35692.diff
File 35692.diff, 2.7 KB (added by , 9 years ago) |
---|
-
query.php
1457 1457 , 'fields' 1458 1458 , 'menu_order' 1459 1459 , 'embed' 1460 , 'seed' 1460 1461 ); 1461 1462 1462 1463 foreach ( $keys as $key ) { … … 1568 1569 * return posts containing 'pillow' but not 'sofa'. 1569 1570 * @type int $second Second of the minute. Default empty. Accepts numbers 0-60. 1570 1571 * @type bool $sentence Whether to search by phrase. Default false. 1572 * @type int $seed A seed value to pass to MySQL's `RAND()` function 1571 1573 * @type bool $suppress_filters Whether to suppress filters. Default false. 1572 1574 * @type string $tag Tag slug. Comma-separated (either), Plus-separated (all). 1573 1575 * @type array $tag__and An array of tag ids (AND in). … … 1614 1616 $qv['pagename'] = trim( $qv['pagename'] ); 1615 1617 $qv['name'] = trim( $qv['name'] ); 1616 1618 $qv['title'] = trim( $qv['title'] ); 1619 $qv['seed'] = absint( $qv['seed'] ); 1617 1620 if ( '' !== $qv['hour'] ) $qv['hour'] = absint($qv['hour']); 1618 1621 if ( '' !== $qv['minute'] ) $qv['minute'] = absint($qv['minute']); 1619 1622 if ( '' !== $qv['second'] ) $qv['second'] = absint($qv['second']); … … 2324 2327 * @param string $orderby Alias for the field to order by. 2325 2328 * @return string|false Table-prefixed value to used in the ORDER clause. False otherwise. 2326 2329 */ 2327 protected function parse_orderby( $orderby ) {2330 protected function parse_orderby( $orderby, $seed ) { 2328 2331 global $wpdb; 2329 2332 2330 2333 // Used to filter values. … … 2368 2371 $orderby_clause = "$wpdb->posts.{$orderby}"; 2369 2372 break; 2370 2373 case 'rand': 2371 $orderby_clause = 'RAND()'; 2374 $seed_value = ''; 2375 if( $seed ) { 2376 $seed_value = $seed; 2377 } 2378 $orderby_clause = 'RAND(' . esc_sql( $seed_value ) . ')'; 2372 2379 break; 2373 2380 case $primary_meta_key: 2374 2381 case 'meta_value': … … 2970 2977 if ( is_array( $q['orderby'] ) ) { 2971 2978 foreach ( $q['orderby'] as $_orderby => $order ) { 2972 2979 $orderby = addslashes_gpc( urldecode( $_orderby ) ); 2973 $parsed = $this->parse_orderby( $orderby );2980 $parsed = $this->parse_orderby( $orderby, $q['seed'] ); 2974 2981 2975 2982 if ( ! $parsed ) { 2976 2983 continue; … … 2985 2992 $q['orderby'] = addslashes_gpc( $q['orderby'] ); 2986 2993 2987 2994 foreach ( explode( ' ', $q['orderby'] ) as $i => $orderby ) { 2988 $parsed = $this->parse_orderby( $orderby );2995 $parsed = $this->parse_orderby( $orderby, $q['seed'] ); 2989 2996 // Only allow certain values for safety. 2990 2997 if ( ! $parsed ) { 2991 2998 continue;