WordPress.org

Make WordPress Core

Ticket #9591: 9591.4.diff

File 9591.4.diff, 3.8 KB (added by scribu, 3 years ago)

refresh

  • wp-includes/taxonomy.php

     
    534534                case 'slug': 
    535535                case 'name': 
    536536                        foreach ( $terms as $i => $term ) { 
    537                                 $terms[$i] = sanitize_term_field('slug', $term, 0, $taxonomy, 'db'); 
     537                                $terms[$i] = sanitize_title_for_query( $term ); 
    538538                        } 
    539539                        $terms = array_filter($terms); 
    540540 
  • wp-includes/query.php

     
    17841784                } 
    17851785 
    17861786                if ( '' != $q['name'] ) { 
    1787                         $q['name'] = sanitize_title( $q['name'] ); 
     1787                        $q['name'] = sanitize_title_for_query( $q['name'] ); 
    17881788                        $where .= " AND $wpdb->posts.post_name = '" . $q['name'] . "'"; 
    17891789                } elseif ( '' != $q['pagename'] ) { 
    17901790                        if ( isset($this->queried_object_id) ) { 
     
    18121812 
    18131813                        $page_for_posts = get_option('page_for_posts'); 
    18141814                        if  ( ('page' != get_option('show_on_front') ) || empty($page_for_posts) || ( $reqpage != $page_for_posts ) ) { 
    1815                                 $q['pagename'] = sanitize_title( $this->_qv_basename( $q['pagename'] ) ); 
     1815                                $q['pagename'] = sanitize_title_for_query( $this->_qv_basename( $q['pagename'] ) ); 
    18161816                                $q['name'] = $q['pagename']; 
    18171817                                $where .= " AND ($wpdb->posts.ID = '$reqpage')"; 
    18181818                                $reqpage_obj = get_page($reqpage); 
     
    18241824                                } 
    18251825                        } 
    18261826                } elseif ( '' != $q['attachment'] ) { 
    1827                         $q['attachment'] = sanitize_title( $this->_qv_basename( $q['attachment'] ) ); 
     1827                        $q['attachment'] = sanitize_title_for_query( $this->_qv_basename( $q['attachment'] ) ); 
    18281828                        $q['name'] = $q['attachment']; 
    18291829                        $where .= " AND $wpdb->posts.post_name = '" . $q['attachment'] . "'"; 
    18301830                } 
     
    19571957                                        $q['author_name'] = $q['author_name'][count($q['author_name'])-2]; // there was a trailling slash 
    19581958                                } 
    19591959                        } 
    1960                         $q['author_name'] = sanitize_title( $q['author_name'] ); 
     1960                        $q['author_name'] = sanitize_title_for_query( $q['author_name'] ); 
    19611961                        $q['author'] = get_user_by('slug', $q['author_name']); 
    19621962                        if ( $q['author'] ) 
    19631963                                $q['author'] = $q['author']->ID; 
  • wp-includes/formatting.php

     
    628628                chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z', 
    629629                chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z', 
    630630                chr(197).chr(190) => 'z', chr(197).chr(191) => 's', 
     631                chr(200).chr(153) => 's', chr(200).chr(155) => 't', 
    631632                // Euro Sign 
    632633                chr(226).chr(130).chr(172) => 'E', 
    633634                // GBP (Pound) Sign 
     
    783784 * 
    784785 * @param string $title The string to be sanitized. 
    785786 * @param string $fallback_title Optional. A title to use if $title is empty. 
     787 * @param string $context Optional. The operation for which the string is sanitized 
    786788 * @return string The sanitized string. 
    787789 */ 
    788 function sanitize_title($title, $fallback_title = '') { 
     790function sanitize_title($title, $fallback_title = '', $context = 'save') { 
    789791        $raw_title = $title; 
    790         $title = strip_tags($title); 
    791         $title = apply_filters('sanitize_title', $title, $raw_title); 
    792792 
     793        if ( 'save' == $context ) 
     794                $title = remove_accents($title); 
     795 
     796        $title = apply_filters('sanitize_title', $title, $raw_title, $context); 
     797 
    793798        if ( '' === $title || false === $title ) 
    794799                $title = $fallback_title; 
    795800 
    796801        return $title; 
    797802} 
    798803 
     804function sanitize_title_for_query($title) { 
     805        return sanitize_title($title, '', 'query'); 
     806} 
     807 
    799808/** 
    800809 * Sanitizes title, replacing whitespace with dashes. 
    801810 * 
     
    816825        // Restore octets. 
    817826        $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); 
    818827 
    819         $title = remove_accents($title); 
    820828        if (seems_utf8($title)) { 
    821829                if (function_exists('mb_strtolower')) { 
    822830                        $title = mb_strtolower($title, 'UTF-8');