Changeset 37134 for branches/4.4/src/wp-includes/taxonomy.php
- Timestamp:
- 03/30/2016 05:17:00 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.4/src/wp-includes/taxonomy.php
r36358 r37134 677 677 $term_ids = array_map('intval', $term_ids ); 678 678 679 $taxonomies = "'" . implode( "', '", $taxonomies) . "'";679 $taxonomies = "'" . implode( "', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 680 680 $term_ids = "'" . implode( "', '", $term_ids ) . "'"; 681 681 … … 876 876 } 877 877 878 $term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE $_field = %s $tax_clause LIMIT 1", $value ));878 $term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE $_field = %s", $value ) . " $tax_clause LIMIT 1" ); 879 879 if ( ! $term ) 880 880 return false; … … 1231 1231 } 1232 1232 1233 $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";1233 $where = "tt.taxonomy IN ('" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "')"; 1234 1234 1235 1235 $exclude = $args['exclude']; … … 2360 2360 $taxonomy_array = $taxonomies; 2361 2361 $object_id_array = $object_ids; 2362 $taxonomies = "'" . implode("', '", $taxonomies) . "'";2362 $taxonomies = "'" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 2363 2363 $object_ids = implode(', ', $object_ids); 2364 2364
Note: See TracChangeset
for help on using the changeset viewer.