Make WordPress Core


Ignore:
Timestamp:
10/12/2015 03:12:22 PM (9 years ago)
Author:
boonebgorges
Message:

Be stricter about sanitizing values coming out of WP_Term.

Data passed into get_instance() should be run through sanitize_term()
before being used.

See #34262.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wp-term.php

    r34997 r35031  
    140140        }
    141141
    142         return new WP_Term( $_term );
     142        $term_obj = new WP_Term( $_term );
     143        $term_obj->filter( $term_obj->filter );
     144
     145        return $term_obj;
    143146    }
    144147
     
    166169     */
    167170    public function filter( $filter ) {
    168         // Term has already been filtered - nothing more to do.
    169         if ( isset( $this->filter ) && $this->filter === $filter ) {
    170             return;
    171         }
    172 
    173171        sanitize_term( $this, $this->taxonomy, $filter );
    174172    }
Note: See TracChangeset for help on using the changeset viewer.