Ticket #4617: 4617.diff
File 4617.diff, 1.1 KB (added by , 18 years ago) |
wp-includes/query.php
972 972 $q['orderby'] = 'post_date '.$q['order']; 973 973 } else { 974 974 // Used to filter values 975 $allowed_keys = array('author', 'date', 'category', 'title', 'modified', 'menu_order' );975 $allowed_keys = array('author', 'date', 'category', 'title', 'modified', 'menu_order', 'rand'); 976 976 $q['orderby'] = urldecode($q['orderby']); 977 977 $q['orderby'] = addslashes_gpc($q['orderby']); 978 978 $orderby_array = explode(' ',$q['orderby']); … … 982 982 for ($i = 0; $i < count($orderby_array); $i++) { 983 983 // Only allow certain values for safety 984 984 $orderby = $orderby_array[$i]; 985 if ( 'menu_order' != $orderby )985 if ( 'menu_order' != $orderby && 'rand' != $orderby) 986 986 $orderby = 'post_' . $orderby; 987 if ('rand' == $orderby) 988 $orderby = 'RAND()'; 987 989 if ( in_array($orderby_array[$i], $allowed_keys) ) 988 990 $q['orderby'] .= (($i == 0) ? '' : ',') . "$orderby {$q['order']}"; 989 991 }
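Review bot: Adding `'rand'` to `$allowed_keys` makes `ORDER BY RAND()` selectable through the `orderby` value, and the `urldecode()`/`addslashes_gpc()` calls just above suggest that value is request-supplied. A random sort cannot use an index and defeats result caching, so on a large posts table anyone who can set `orderby` can trigger an expensive query; consider limiting where this key is honoured or documenting the cost. The rewriting at new lines 985–988 also runs before the allowlist test at 989, so safety rests on that later `in_array()` guarding the append; checking first with `if ( !in_array($orderby_array[$i], $allowed_keys, true) ) continue;` would keep unvetted tokens from being turned into column names at all. `{$q['order']}` is now appended after `RAND()` too, and its validation is not visible here, so confirm it is restricted to ASC/DESC. The enclosing function starts and ends outside the lines shown.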