Changeset 37139
- Timestamp:
- 03/30/2016 05:35:35 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.0/src/wp-includes/taxonomy.php
r29549 r37139 598 598 $term_ids = array_map('intval', $term_ids ); 599 599 600 $taxonomies = "'" . implode( "', '", $taxonomies) . "'";600 $taxonomies = "'" . implode( "', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 601 601 $term_ids = "'" . implode( "', '", $term_ids ) . "'"; 602 602 … … 1390 1390 } 1391 1391 1392 $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";1392 $where = "tt.taxonomy IN ('" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "')"; 1393 1393 1394 1394 $exclude = $args['exclude']; … … 2278 2278 $order = 'ASC'; 2279 2279 2280 $taxonomies = "'" . implode("', '", $taxonomies) . "'";2280 $taxonomies = "'" . implode("', '", array_map( 'esc_sql', $taxonomies ) ) . "'"; 2281 2281 $object_ids = implode(', ', $object_ids); 2282 2282
Note: See TracChangeset
for help on using the changeset viewer.