Ticket #4617: rand.diff
| File rand.diff, 1.2 KB (added by , 17 years ago) |
|---|
-
wp-includes/query.php
1150 1150 $q['orderby'] = 'post_date '.$q['order']; 1151 1151 } else { 1152 1152 // Used to filter values 1153 $allowed_keys = array('author', 'date', 'category', 'title', 'modified', 'menu_order', 'parent', 'ID' );1153 $allowed_keys = array('author', 'date', 'category', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand'); 1154 1154 $q['orderby'] = urldecode($q['orderby']); 1155 1155 $q['orderby'] = addslashes_gpc($q['orderby']); 1156 1156 $orderby_array = explode(' ',$q['orderby']); … … 1160 1160 for ($i = 0; $i < count($orderby_array); $i++) { 1161 1161 // Only allow certain values for safety 1162 1162 $orderby = $orderby_array[$i]; 1163 if ( !('menu_order' == $orderby || 'ID' == $orderby )) 1164 $orderby = 'post_' . $orderby; 1163 switch ($orderby) { 1164 case 'menu_order': 1165 case 'ID': 1166 break; 1167 case 'rand': 1168 $orderby = 'RAND()'; 1169 break; 1170 default: 1171 $orderby = 'post_' . $orderby; 1172 } 1165 1173 if ( in_array($orderby_array[$i], $allowed_keys) ) 1166 1174 $q['orderby'] .= (($i == 0) ? '' : ',') . $orderby; 1167 1175 }