Changeset 24715
- Timestamp:
- 07/16/2013 02:23:29 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/post.php
r24598 r24715 3418 3418 $page_path = str_replace('%20', ' ', $page_path); 3419 3419 $parts = explode( '/', trim( $page_path, '/' ) ); 3420 $parts = array_map( 'esc_sql',$parts );3420 $parts = esc_sql( $parts ); 3421 3421 $parts = array_map( 'sanitize_title_for_query', $parts ); 3422 3422 3423 3423 $in_string = "'". implode( "','", $parts ) . "'"; 3424 $post_type_sql = $post_type; 3425 $wpdb->escape_by_ref( $post_type_sql ); 3424 $post_type_sql = esc_sql( $post_type ); 3426 3425 $pages = $wpdb->get_results( "SELECT ID, post_name, post_parent, post_type FROM $wpdb->posts WHERE post_name IN ($in_string) AND (post_type = '$post_type_sql' OR post_type = 'attachment')", OBJECT_K ); 3427 3426
Note: See TracChangeset
for help on using the changeset viewer.