
Ticket #6476: gallery-orderby-sanitized-r7585.patch

File gallery-orderby-sanitized-r7585.patch, 3.2 KB (added by tellyworth, 14 years ago)
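--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -460,6 +460,10 @@
         if (!empty($exclusions))
                 $exclusions .= ')';
 
+        // orderby
+        if ( preg_match( '/.+ (ASC|DESC)/i', $orderby ) )
+                $order = ''; // orderby has its own order, so we'll use that
+
         $query  = "SELECT DISTINCT * FROM $wpdb->posts ";
         $query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy  ";
         $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";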
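Review bot: The new `preg_match( '/.+ (ASC|DESC)/i', $orderby )` only decides whether the separate `$order` suffix is dropped; it does not validate `$orderby` itself, and the rest of the function, where `$orderby` presumably reaches the query, lies outside this hunk. The pattern is also unanchored, so any value containing a space followed by a direction word — a constructed example is `post_title ASCII` — is treated as carrying its own order; `'/\s(ASC|DESC)\b/i'` bounds the keyword. A mixed value such as `ID DESC, menu_order` likewise clears `$order` for every column, leaving the trailing one at the database default. A comment stating that callers are expected to have whitelisted `$orderby` beforehand (as the new `sanitize_orderby()` in formatting.php does for the gallery) would make that assumption explicit.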
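--- a/wp-includes/media.php
+++ b/wp-includes/media.php
@@ -339,9 +339,9 @@
         $output = apply_filters('post_gallery', '', $attr);
         if ( $output != '' )
                 return $output;
-                
+
         extract(shortcode_atts(array(
-                'orderby'    => 'menu_order ASC, ID ASC',
+                'orderby'    => '',
                 'id'         => $post->ID,
                 'itemtag'    => 'dl',
                 'icontag'    => 'dt',
@@ -351,8 +351,21 @@
         ), $attr));
 
         $id = intval($id);
-        $orderby = addslashes($orderby);
-        $attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby=\"{$orderby}\"");
+        
+        $order_cols = array(
+                'id' => 'ID',
+                'menu_order' => 'menu_order',
+                'name' => 'post_name',
+                'date' => 'post_date',
+                'title' => 'post_title',
+                'caption' => 'post_excerpt',
+                'random' => 'rand()',
+        );
+        $orderby = sanitize_orderby($orderby, $order_cols);
+        if ( !$orderby )
+                $orderby = 'menu_order ASC, ID ASC';
+                
+        $attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby={$orderby}");
 
         if ( empty($attachments) )
                 return '';
@@ -426,7 +439,7 @@
 function adjacent_image_link($prev = true) {
         global $post;
         $post = get_post($post);
-        $attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=\"menu_order ASC, ID ASC\""));
+        $attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=menu_order ASC, ID ASC"));
 
         foreach ( $attachments as $k => $attachment )
                 if ( $attachment->ID == $post->ID )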
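Review bot: `$order_cols` (new lines 355–363 of the second hunk, whose enclosing function starts before the hunk) is now the only control between the shortcode `orderby` attribute and the SQL ORDER BY clause, and nothing in the code says so; a comment such as `// Whitelist: keys are the orderby= tokens a shortcode author may use, values are trusted SQL fragments emitted verbatim — add literal column names only` would keep a later edit from widening it. `sanitize_orderby()` appends a direction to every entry, so `random` becomes `rand() ASC` or `rand() DESC`, which MySQL accepts but which is meaningless; a one-line comment on that entry would save the next reader a detour. The fallback literal `'menu_order ASC, ID ASC'` is now repeated in `adjacent_image_link()` in the third hunk; a shared default or a cross-referencing comment would stop the two from drifting apart. New lines 354 and 367 are whitespace-only with trailing spaces.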
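--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -366,6 +366,23 @@
         return $title;
 }
 
+// take a user-provided orderby string like 'foo, -bar' and turn it into a valid SQL ORDER BY clause
+function sanitize_orderby($orderby, $column_names) {
+        $out = array();
+        $items = explode(',', $orderby);
+        foreach ($items as $item) {
+                // items might look like 'foo', '+foo' or '-foo'
+                if ( preg_match('/^([-+]?)\s*(\w+)$/', trim($item), $m) ) {
+                        $direction = ( $m[1] == '-' ? 'DESC' : 'ASC' );
+                        $column = strtolower($m[2]);
+                        if ( isset( $column_names[$column] ) )
+                                $out[] = "{$column_names[$column]} {$direction}";
+                }
+        }
+
+        return join(', ', $out);
+}
+
 function convert_chars($content, $deprecated = '') {
         // Translation of invalid Unicode references range to valid range
         $wp_htmltranswinuni = array(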
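Review bot: `sanitize_orderby()` has no doc block describing its contract, and its return value is the only way a caller can tell valid input from input that was rejected entirely. Suggest replacing the single-line comment with a PHPDoc stating that `$orderby` is an untrusted comma-separated list whose items are `name`, `+name` or `-name`; that `$column_names` maps lowercase names to trusted SQL column expressions which are emitted verbatim into the ORDER BY clause, so only literal column names belong in it; and that unknown items are silently dropped, with `''` returned when nothing matched. Duplicate items such as `id, id` produce `ID ASC, ID ASC`, which is harmless but worth noting. `join` is an alias; `implode(', ', $out)` is the canonical name.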