Make WordPress Core

Changeset 52455


Ignore:
Timestamp:
01/06/2022 05:03:14 PM (3 years ago)
Author:
desrosj
Message:

Query: Improve sanitization within WP_Meta_Query.

Props vortfu, xknown, dd32.

Location:
trunk/src/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wp-meta-query.php

    r52332 r52455  
    849849            $sibling_compare = strtoupper( $sibling['compare'] );
    850850            if ( in_array( $clause_compare, $compatible_compares, true ) && in_array( $sibling_compare, $compatible_compares, true ) ) {
    851                 $alias = $sibling['alias'];
     851                $alias = preg_replace( '/\W/', '_', $sibling['alias'] );
    852852                break;
    853853            }
  • trunk/src/wp-includes/class-wp-tax-query.php

    r52454 r52455  
    528528            // The sibling must both have compatible operator to share its alias.
    529529            if ( in_array( strtoupper( $sibling['operator'] ), $compatible_operators, true ) ) {
    530                 $alias = $sibling['alias'];
     530                $alias = preg_replace( '/\W/', '_', $sibling['alias'] );
    531531                break;
    532532            }
Note: See TracChangeset for help on using the changeset viewer.