Make WordPress Core


Timestamp:
04/02/2008 01:15:21 PM (16 years ago)
Author:
markjaquith
Message:

Sanitize "cat" query var and cast to int before looking for a category template

File:
1 edited

  • trunk/wp-includes/theme.php

    r7491 r7586  
    364364function get_category_template() {
    365365    $template = '';
    366     if ( file_exists(TEMPLATEPATH . "/category-" . get_query_var('cat') . '.php') )
    367         $template = TEMPLATEPATH . "/category-" . get_query_var('cat') . '.php';
     366    if ( file_exists(TEMPLATEPATH . "/category-" . absint( get_query_var('cat') ) . '.php') )
     367        $template = TEMPLATEPATH . "/category-" . absint( get_query_var('cat') ) . '.php';
    368368    elseif ( file_exists(TEMPLATEPATH . "/category.php") )
    369369        $template = TEMPLATEPATH . "/category.php";
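
Review bot: absint( get_query_var('cat') ) is evaluated separately in the file_exists() check (new line 366) and in the $template assignment (new line 367), so the path that is checked and the path that is used are built by two independent expressions. Compute the sanitized ID once into a local variable at the top of get_category_template() and build both strings from it, which keeps the check and the use identical and leaves one place to maintain the sanitization. A short comment saying the value is cast to an integer because it is interpolated into a filesystem path would also help later readers.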