Changeset 39662
- Timestamp:
- 01/02/2017 07:38:07 PM (8 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/class-wp-tax-query.php
r38768 r39662 624 624 * context is 'db'. 625 625 */ 626 $term = "'" . esc_sql( sanitize_term_field( $query['field'], $term, 0, $query['taxonomy'], 'db' ) ) . "'"; 626 $clean_term = sanitize_term_field( $query['field'], $term, 0, $query['taxonomy'], 'db' ); 627 628 // Match sanitization in wp_insert_term(). 629 $clean_term = wp_unslash( $clean_term ); 630 631 $term = "'" . esc_sql( $clean_term ) . "'"; 627 632 } 628 633 -
trunk/tests/phpunit/tests/query/taxQuery.php
r37184 r39662 1381 1381 _unregister_taxonomy( 'foo' ); 1382 1382 } 1383 1384 /** 1385 * @ticket 39315 1386 */ 1387 public function test_tax_terms_should_not_be_double_escaped() { 1388 $name = "Don't worry be happy"; 1389 1390 register_taxonomy( 'wptests_tax', 'post' ); 1391 $t = self::factory()->term->create( array( 1392 'taxonomy' => 'wptests_tax', 1393 'name' => $name, 1394 ) ); 1395 1396 $p = self::factory()->post->create(); 1397 wp_set_object_terms( $p, array( $t ), 'wptests_tax' ); 1398 1399 $q = new WP_Query( array( 1400 'fields' => 'ids', 1401 'tax_query' => array( 1402 array( 1403 'taxonomy' => 'wptests_tax', 1404 'field' => 'name', 1405 'terms' => $name, 1406 ), 1407 ), 1408 ) ); 1409 1410 $this->assertEqualSets( array( $p ), $q->posts ); 1411 } 1383 1412 }
Note: See TracChangeset
for help on using the changeset viewer.