Make WordPress Core

Changeset 30068


Timestamp:
10/28/2014 08:42:20 PM (7 years ago)
Author:
wonderboymusic
Message:

The gallery shortcode used to accept a SQL chunk for the value of the orderby attribute. The reason? get_posts() used to be called in the shortcode handler with a query-string blob of arguments passed to it. To mitigate breakage, sanitize_sql_orderby() was created in [7592].

sanitize_sql_orderby() expects a comma to be present when multiple orderby values are passed. The correct syntax for multiple fields is space-delimited. Since [29027], comma-separated values would never be parsed correctly when passed to WP_Query->parse_orderby().

sanitize_sql_orderby() is used nowhere else in core, save for the playlist shortcode - I only added it there because I was mimicking the gallery logic. The function call can be removed from both shortcode handlers.

See #6476.
Fixes #23873.

File:
1 edited

  • trunk/src/wp-includes/media.php

    r30055 r30068  
    937937    if ( $output != '' ) {
    938938        return $output;
    939     }
    940 
    941     // We're trusting author input, so let's at least make sure it looks like a valid orderby statement
    942     if ( isset( $attr['orderby'] ) ) {
    943         $attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
    944         if ( ! $attr['orderby'] ) {
    945             unset( $attr['orderby'] );
    946         }
    947939    }
    948940
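Review bot: removing the block at 941-946 drops both the sanitize_sql_orderby() call and the only comment explaining that $attr['orderby'] is author-supplied input that needs validation before it reaches the query; a future reader of this function sees raw shortcode input flowing through with no hint of where it is checked. Suggest leaving a one-line comment at this spot stating that orderby validation is delegated to WP_Query::parse_orderby() (the commit message cites [29027] for this), so nobody reintroduces the old SQL-chunk sanitizer. Also worth stating in the message that the failure mode changes: the removed lines silently unset an invalid orderby so the default applied, whereas now the query layer decides what happens to an unrecognised value, and that behaviour should be confirmed equivalent.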
     
    10571049    $i = 0;
    10581050    foreach ( $attachments as $id => $attachment ) {
    1059        
     1051
    10601052        $attr = ( trim( $attachment->post_excerpt ) ) ? array( 'aria-describedby' => "$selector-$id" ) : '';
    10611053        if ( ! empty( $atts['link'] ) && 'file' === $atts['link'] ) {
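Review bot: the change at 1059/1051 is whitespace-only (trailing whitespace stripped from a blank line) and unrelated to the orderby fix; harmless, but it would be cleaner in a separate whitespace cleanup commit so this changeset stays a single logical change.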
     
    12211213    }
    12221214
    1223     /*
    1224      * We're trusting author input, so let's at least make sure it looks
    1225      * like a valid orderby statement.
    1226      */
    1227     if ( isset( $attr['orderby'] ) ) {
    1228         $attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
    1229         if ( ! $attr['orderby'] )
    1230             unset( $attr['orderby'] );
    1231     }
    1232 
    12331215    $atts = shortcode_atts( array(
    12341216        'type'      => 'audio',
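Review bot: same removal for the playlist shortcode at 1223-1231; as with the gallery hunk, a short comment noting that orderby is now validated in WP_Query::parse_orderby() would keep the intent visible. The deleted copy also used a brace-less `if ( ! $attr['orderby'] )` at 1229-1230 where the gallery version used braces, so the deletion incidentally removes that style inconsistency; nothing further needed in this hunk.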