Make WordPress Core


Ignore:
Timestamp:
10/17/2022 06:01:26 PM (2 years ago)
Author:
audrasjb
Message:

Grouped backports to the 5.4 branch.

  • Editor: Bump @wordpress packages for the branch,
  • Media: Refactor search by filename within the admin,
  • REST API: Lockdown post parameter of the terms endpoint,
  • Customize: Escape blogname option in underscores templates,
  • Query: Validate relation in WP_Date_Query,
  • Posts, Post types: Apply KSES to post-by-email content,
  • General: Validate host on "Are you sure?" screen,
  • Posts, Post types: Remove emails from post-by-email logs,
  • Pings/trackbacks: Apply KSES to all trackbacks,
  • Mail: Reset PHPMailer properties between use,
  • Comments: Apply kses when editing comments,
  • Widgets: Escape RSS error messages for display.

Merges [54521-54530] to the 5.4 branch.
Props audrasjb, costdev, cu121, dd32, davidbaumwald, ehtis, johnbillion, johnjamesjacoby, martinkrcho, matveb, oztaser, paulkevan, peterwilsoncc, ravipatel, SergeyBiryukov, talldanwp, timothyblynjacobs, tykoted, voldemortensen, vortfu, xknown.

Location:
branches/5.4
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/5.4

  • branches/5.4/src/wp-includes/class-wp-query.php

    r47641 r54559  
    442442    public $thumbnails_cached = false;
    443443
     444    /**
     445     * Controls whether an attachment query should include filenames or not.
     446     *
     447     * @since 6.0.3
     448     * @var bool
     449     */
     450    protected $allow_query_attachment_by_filename = false;
    444451    /**
    445452     * Cached list of search stopwords.
     
    13891396            }
    13901397
    1391             $like      = $n . $wpdb->esc_like( $term ) . $n;
    1392             $search   .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like );
     1398            $like = $n . $wpdb->esc_like( $term ) . $n;
     1399
     1400            if ( ! empty( $this->allow_query_attachment_by_filename ) ) {
     1401                $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s) $andor_op (sq1.meta_value $like_op %s))", $like, $like, $like, $like );
     1402            } else {
     1403                $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like );
     1404            }
    13931405            $searchand = ' AND ';
    13941406        }
     
    17741786        $q = $this->fill_query_vars( $q );
    17751787
     1788        /**
     1789         * Filters whether an attachment query should include filenames or not.
     1790         *
     1791         * @since 6.0.3
     1792         *
     1793         * @param bool $allow_query_attachment_by_filename Whether or not to include filenames.
     1794         */
     1795        $this->allow_query_attachment_by_filename = apply_filters( 'wp_allow_query_attachment_by_filename', false );
     1796        remove_all_filters( 'wp_allow_query_attachment_by_filename' );
     1797
    17761798        // Parse meta query.
    17771799        $this->meta_query = new WP_Meta_Query();
     
    22052227        }
    22062228
    2207         if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) ) {
     2229        if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) || ! empty( $this->allow_query_attachment_by_filename ) ) {
    22082230            $groupby = "{$wpdb->posts}.ID";
    22092231        }
     
    22812303        }
    22822304        $where .= $search . $whichauthor . $whichmimetype;
     2305
     2306        if ( ! empty( $this->allow_query_attachment_by_filename ) ) {
     2307            $join .= " LEFT JOIN {$wpdb->postmeta} AS sq1 ON ( {$wpdb->posts}.ID = sq1.post_id AND sq1.meta_key = '_wp_attached_file' )";
     2308        }
    22832309
    22842310        if ( ! empty( $this->meta_query->queries ) ) {
Note: See TracChangeset for help on using the changeset viewer.