
Changeset 18357


Timestamp:
06/27/2011 09:38:51 PM (13 years ago)
Author:
ryan
Message:

Sanitize sort_column and sort_order in get_pages(). Escape search_term in WP_User_Search. Cast blog_id to int in get_blog_prefix(). Props duck_. For 3.1.

Location:
branches/3.1
Files:
4 edited

  • branches/3.1

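--- a/branches/3.1/wp-admin/includes/deprecated.php
+++ b/branches/3.1/wp-admin/includes/deprecated.php
@@ -455,5 +455,5 @@
         _deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
 
-        $this->search_term = $search_term;
+        $this->search_term = stripslashes( $search_term );
         $this->raw_page = ( '' == $page ) ? false : (int) $page;
         $this->page = (int) ( '' == $page ) ? 1 : $page;
@@ -486,5 +486,5 @@
             $search_sql = 'AND (';
             foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
-                $searches[] = $col . " LIKE '%$this->search_term%'";
+                $searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' );
             $search_sql .= implode(' OR ', $searches);
             $search_sql .= ')';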
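Review bot: The column name is still concatenated into the SQL handed to prepare() on new line 488, which is only safe because `$col` is drawn from the literal array in the foreach on the line above; a comment such as `// $col comes from the fixed list above, never from input; only the search term goes through prepare()` would keep a later refactor from routing caller-supplied column names through the same concatenation. The order like_escape() then prepare() is deliberate and worth stating too: like_escape() backslash-escapes the LIKE wildcards in the term and prepare() then escapes the whole value as an SQL string literal, so reversing the two would break the escaping. Unrelated to this commit, the context line `$this->page = (int) ( '' == $page ) ? 1 : $page;` applies the cast to the comparison rather than to `$page` because of operator precedence, so `$page` reaches the property uncast. The method containing both hunks starts and ends outside this section.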
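--- a/branches/3.1/wp-includes/post.php
+++ b/branches/3.1/wp-includes/post.php
@@ -3422,4 +3422,41 @@
     $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
 
+    $orderby_array = array();
+    $allowed_keys = array('author', 'post_author', 'date', 'post_date', 'title', 'post_title', 'modified',
+                          'post_modified', 'modified_gmt', 'post_modified_gmt', 'menu_order', 'parent', 'post_parent',
+                          'ID', 'rand', 'comment_count');
+    foreach ( explode( ',', $sort_column ) as $orderby ) {
+        $orderby = trim( $orderby );
+        if ( !in_array( $orderby, $allowed_keys ) )
+            continue;
+
+        switch ( $orderby ) {
+            case 'menu_order':
+                break;
+            case 'ID':
+                $orderby = "$wpdb->posts.ID";
+                break;
+            case 'rand':
+                $orderby = 'RAND()';
+                break;
+            case 'comment_count':
+                $orderby = "$wpdb->posts.comment_count";
+                break;
+            default:
+                if ( 0 === strpos( $orderby, 'post_' ) )
+                    $orderby = "$wpdb->posts." . $orderby;
+                else
+                    $orderby = "$wpdb->posts.post_" . $orderby;
+        }
+
+        $orderby_array[] = $orderby;
+
+    }
+    $sort_column = ! empty( $orderby_array ) ? implode( ',', $orderby_array ) : "$wpdb->posts.post_title";
+
+    $sort_order = strtoupper( $sort_order );
+    if ( '' !== $sort_order && !in_array( $sort_order, array( 'ASC', 'DESC' ) ) )
+        $sort_order = 'ASC';
+
     $query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
     $query .= $author_query;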
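Review bot: The allowlisting on new lines 3424–3455 silently drops every entry of `$sort_column` that is not in `$allowed_keys` (including the old-style `post_title DESC` form, which no longer matches after trim) and falls back to `$wpdb->posts.post_title` when nothing survives, but nothing in the hunk says so; a comment at the top of the block such as `// Only whitelisted column names reach ORDER BY; unknown or malformed entries are dropped, and an empty result falls back to post_title.` would make that contract visible to callers that previously passed raw SQL fragments here. The `menu_order` case is the only accepted key left unqualified while ID, comment_count and the `post_*` columns are prefixed with `$wpdb->posts.`; if `$join` can ever bring in a table that also has a `menu_order` column the query becomes ambiguous, so qualifying it like the others (`$orderby = "$wpdb->posts.menu_order";`) seems safer. Both `in_array()` calls would also read better with the strict `true` argument, since the candidates are always strings at that point. get_pages() itself begins and ends outside this hunk.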
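--- a/branches/3.1/wp-includes/wp-db.php
+++ b/branches/3.1/wp-includes/wp-db.php
@@ -645,4 +645,5 @@
             if ( null === $blog_id )
                 $blog_id = $this->blogid;
+            $blog_id = (int) $blog_id;
             if ( defined( 'MULTISITE' ) && ( 0 == $blog_id || 1 == $blog_id ) )
                 return $this->base_prefix;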
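Review bot: After the cast on new line 647 a non-numeric `$blog_id` becomes 0 and, under MULTISITE, is answered with `$this->base_prefix` on the next line, i.e. treated as the main site rather than rejected; that is a reasonable sanitization outcome but is not obvious from the code, so a comment like `// Non-numeric ids collapse to 0 and are treated as the main site below.` would help. With the value now guaranteed to be an int, the comparisons on the following line can be strict: `if ( defined( 'MULTISITE' ) && ( 0 === $blog_id || 1 === $blog_id ) )`. The rest of get_blog_prefix() lies outside this hunk.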