
Ticket #6476: 6476.003.diff

File 6476.003.diff, 2.8 KB (added by markjaquith, 14 years ago)

Latest effort

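--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -460,6 +460,10 @@
         if (!empty($exclusions))
                 $exclusions .= ')';
 
+        // orderby
+        if ( preg_match( '/.+ +(ASC|DESC)/i', $orderby ) )
+                $order = ''; // orderby has its own order, so we'll use that
+
         $query  = "SELECT DISTINCT * FROM $wpdb->posts ";
         $query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy  ";
         $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";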
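Review bot: The new check at 464 only decides whether `$order` gets dropped; nothing in this hunk validates `$orderby` itself before it feeds the query that starts being assembled at 467, and the rest of the enclosing function (which begins and ends outside the hunk) is not visible, so if the only guard this patch adds is the caller-side sanitize_sql_orderby() in media.php, direct get_posts()/get_children() callers passing an untrusted orderby would stay unprotected. Applying the same validator here as defence in depth is cheap, e.g. `if ( !sanitize_sql_orderby( $orderby ) ) $orderby = '<DEFAULT_ORDERBY placeholder>';` with the function's real default substituted. Separately, `/.+ +(ASC|DESC)/i` is unanchored, so a second column whose name begins with asc/desc (e.g. `post_date, description`) also clears `$order`; `/\s+(ASC|DESC)\b/i` would be tighter, although the generated SQL stays syntactically valid either way.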
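--- a/wp-includes/media.php
+++ b/wp-includes/media.php
@@ -339,7 +339,14 @@
         $output = apply_filters('post_gallery', '', $attr);
         if ( $output != '' )
                 return $output;
-                
+
+        // We're trusting author input, so let's at least make sure it looks like a valid orderby statement
+        if ( isset( $attr['orderby'] ) ) {
+                $attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
+                if ( !$attr['orderby'] )
+                        unset( $attr['orderby'] );
+        }
+
         extract(shortcode_atts(array(
                 'orderby'    => 'menu_order ASC, ID ASC',
                 'id'         => $post->ID,
@@ -351,8 +358,7 @@
         ), $attr));
 
         $id = intval($id);
-        $orderby = addslashes($orderby);
-        $attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby=\"{$orderby}\"");
+        $attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby={$orderby}");
 
         if ( empty($attachments) )
                 return '';
@@ -426,7 +432,7 @@
 function adjacent_image_link($prev = true) {
         global $post;
         $post = get_post($post);
-        $attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=\"menu_order ASC, ID ASC\""));
+        $attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=menu_order ASC, ID ASC"));
 
         foreach ( $attachments as $k => $attachment )
                 if ( $attachment->ID == $post->ID )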
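Review bot: With the quoting and addslashes() removed at 361, `$orderby` is interpolated straight into a query string that get_children() presumably splits on `&` and `=`, so the whole protection now rests on sanitize_sql_orderby() at 345 having rejected every character outside its column/ASC/DESC/comma grammar, and on that check matching the entire string rather than a prefix. That dependency deserves a comment next to the call so a later refactor does not reorder the two steps, e.g. `// $orderby passed sanitize_sql_orderby() above, so it contains no '&', '=' or quotes`. The `!$attr['orderby']` test at 346 also discards the unlikely but grammar-valid literal `0`; `=== false` would be the precise test for the validator's failure value. gallery_shortcode continues outside the hunk, and the adjacent_image_link change at 435 is the same mechanical quoting removal applied to a constant.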
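--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -366,6 +366,15 @@
         return $title;
 }
 
+// ensures a string is a valid SQL order by clause like: post_name ASC, ID DESC
+// accepts one or more columns, with or without ASC/DESC, and also accepts RAND()
+function sanitize_sql_orderby( $orderby ){
+        preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?(\s*,\s*|\s*$))+|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);
+        if ( !$obmatches )
+                return false;
+        return $orderby;
+}
+
 function convert_chars($content, $deprecated = '') {
         // Translation of invalid Unicode references range to valid range
         $wp_htmltranswinuni = array(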
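Review bot: The first alternative of the pattern at 372 is anchored only at the start: each repetition of the group ends at either a comma or end-of-string, so the final repetition may stop at a comma, preg_match() succeeds on a prefix, and line 375 then returns the whole unvalidated `$orderby` — any value whose first column is followed by a comma passes. Anchor the entire alternative and require a column after each comma: `preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?\s*(,\s*(?=[a-z0-9_])|$))+$|^\s*RAND\(\s*\)\s*$/iD', $orderby, $obmatches);`, where the `D` modifier stops `$` from matching before a trailing newline. The header comment should also state the contract — the unchanged input on success, `false` otherwise — so callers know to test with `=== false` rather than truthiness.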