Changeset 31346 for trunk/src/wp-includes/taxonomy.php

Timestamp:

02/06/2015 02:01:24 AM (10 years ago)

Author:

boonebgorges

Message:

Use field-specific sanitization in WP_Tax_Query::transform_query().

When terms are entered into the database, term fields are sanitized with
sanitize_term_field(). To ensure that the SELECT ... WHERE queries in
WP_Tax_Query::transform_query() are not broken by overzealous sanitization,
sanitize_term_field() should be used in that case as well. This fixes a bug
where a tax_query using 'field=name' would fail if the 'terms' parameter
contained characters (like spaces) that were improperly removed by
sanitize_title_for_query().

Fixes #27810.

File:

• trunk/src/wp-includes/taxonomy.php (modified) (1 diff)

trunk/src/wp-includes/taxonomy.php

@@ -1227 +1227 @@
             case 'slug':
             case 'name':
-                $terms = "'" . implode( "','", array_map( 'sanitize_title_for_query', $query['terms'] ) ) . "'";
+                foreach ( $query['terms'] as &$term ) {
+                    /*
+                     * 0 is the $term_id parameter. We don't have a term ID yet, but it doesn't
+                     * matter because `sanitize_term_field()` ignores the $term_id param when the
+                     * context is 'db'.
+                     */
+                    $term = "'" . sanitize_term_field( $query['field'], $term, 0, $query['taxonomy'], 'db' ) . "'";
+                }
+
+                $terms = implode( ",", $query['terms'] );
+
                 $terms = $wpdb->get_col( "
                     SELECT $wpdb->term_taxonomy.$resulting_field