Changeset 37138
- Timestamp:
- 03/30/2016 05:31:58 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.1/src/wp-includes/taxonomy.php
r31476 r37138 594 594 $term_ids = array_map('intval', $term_ids ); 595 595 596 $taxonomies = "'" . implode( "', '", $taxonomies) . "'";596 $taxonomies = "'" . implode( "', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 597 597 $term_ids = "'" . implode( "', '", $term_ids ) . "'"; 598 598 … … 1736 1736 } 1737 1737 1738 $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";1738 $where = "tt.taxonomy IN ('" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "')"; 1739 1739 1740 1740 $exclude = $args['exclude']; … … 2639 2639 $order = 'ASC'; 2640 2640 2641 $taxonomies = "'" . implode("', '", $taxonomies) . "'";2641 $taxonomies = "'" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 2642 2642 $object_ids = implode(', ', $object_ids); 2643 2643
Note: See TracChangeset
for help on using the changeset viewer.