Changeset 30016 for trunk/src/wp-includes/user.php
- Timestamp:
- 10/24/2014 07:50:53 PM (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/user.php
r29962 r30016 599 599 $this->query_where = "WHERE 1=1"; 600 600 601 // Parse and sanitize 'include', for use by 'orderby' as well as 'include' below. 602 if ( ! empty( $qv['include'] ) ) { 603 $include = wp_parse_id_list( $qv['include'] ); 604 } else { 605 $include = false; 606 } 607 601 608 // sorting 602 609 if ( isset( $qv['orderby'] ) ) { … … 622 629 } elseif ( 'meta_value' == $qv['orderby'] ) { 623 630 $orderby = "$wpdb->usermeta.meta_value"; 631 } else if ( 'include' === $qv['orderby'] && ! empty( $include ) ) { 632 // Sanitized earlier. 633 $include_sql = implode( ',', $include ); 634 $orderby = "FIELD( $wpdb->users.ID, $include_sql )"; 624 635 } else { 625 636 $orderby = 'user_login'; … … 735 746 } 736 747 737 if ( ! empty( $qv['include'] ) ) { 738 $ids = implode( ',', wp_parse_id_list( $qv['include'] ) ); 748 if ( ! empty( $include ) ) { 749 // Sanitized earlier. 750 $ids = implode( ',', $include ); 739 751 $this->query_where .= " AND $wpdb->users.ID IN ($ids)"; 740 752 } elseif ( ! empty( $qv['exclude'] ) ) {
Note: See TracChangeset
for help on using the changeset viewer.