Use sanitize_key() for theme search tags/features. sanitize_title_with_dashes() is overkill. see #19815.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
234d355ef7
commit
4805a38f7d
|
@ -7,30 +7,25 @@
|
||||||
* @since 3.1.0
|
* @since 3.1.0
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
class WP_Theme_Install_List_Table extends WP_List_Table {
|
||||||
|
|
||||||
var $features = array();
|
function __construct() {
|
||||||
|
parent::__construct( array(
|
||||||
|
'ajax' => true,
|
||||||
|
) );
|
||||||
|
}
|
||||||
|
|
||||||
function ajax_user_can() {
|
function ajax_user_can() {
|
||||||
return current_user_can( 'install_themes' );
|
return current_user_can('install_themes');
|
||||||
}
|
}
|
||||||
|
|
||||||
function prepare_items() {
|
function prepare_items() {
|
||||||
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
|
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
|
||||||
|
|
||||||
global $tabs, $tab, $paged, $type, $theme_field_defaults;
|
global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
|
||||||
|
|
||||||
wp_reset_vars( array( 'tab' ) );
|
wp_reset_vars( array( 'tab' ) );
|
||||||
|
|
||||||
$search_terms = array();
|
|
||||||
$search_string = '';
|
|
||||||
if ( ! empty( $_REQUEST['s'] ) ){
|
|
||||||
$search_string = strtolower( stripslashes( $_REQUEST['s'] ) );
|
|
||||||
$search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', $search_string ) ) ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( ! empty( $_REQUEST['features'] ) )
|
|
||||||
$this->features = $_REQUEST['features'];
|
|
||||||
|
|
||||||
$paged = $this->get_pagenum();
|
$paged = $this->get_pagenum();
|
||||||
|
|
||||||
$per_page = 36;
|
$per_page = 36;
|
||||||
|
@ -60,21 +55,29 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
switch ( $tab ) {
|
switch ( $tab ) {
|
||||||
case 'search':
|
case 'search':
|
||||||
$type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : '';
|
$type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : '';
|
||||||
|
$term = isset( $_REQUEST['s'] ) ? stripslashes( $_REQUEST['s'] ) : '';
|
||||||
|
|
||||||
switch ( $type ) {
|
switch ( $type ) {
|
||||||
case 'tag':
|
case 'tag':
|
||||||
$args['tag'] = array_map( 'sanitize_title_with_dashes', $search_terms );
|
$terms = explode( ',', $term );
|
||||||
|
$terms = array_map( 'trim', $terms );
|
||||||
|
$terms = array_map( 'sanitize_key', $terms );
|
||||||
|
$args['tag'] = $terms;
|
||||||
break;
|
break;
|
||||||
case 'term':
|
case 'term':
|
||||||
$args['search'] = $search_string;
|
$args['search'] = $term;
|
||||||
break;
|
break;
|
||||||
case 'author':
|
case 'author':
|
||||||
$args['author'] = $search_string;
|
$args['author'] = $term;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! empty( $this->features ) ) {
|
if ( !empty( $_REQUEST['features'] ) ) {
|
||||||
$args['tag'] = $this->features;
|
$terms = $_REQUEST['features'];
|
||||||
$_REQUEST['s'] = implode( ',', $this->features );
|
$terms = array_map( 'trim', $terms );
|
||||||
|
$terms = array_map( 'sanitize_key', $terms );
|
||||||
|
$args['tag'] = $terms;
|
||||||
|
$_REQUEST['s'] = implode( ',', $terms );
|
||||||
$_REQUEST['type'] = 'tag';
|
$_REQUEST['type'] = 'tag';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -92,7 +95,7 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
$args = false;
|
$args = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! $args )
|
if ( !$args )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
$api = themes_api( 'query_themes', $args );
|
$api = themes_api( 'query_themes', $args );
|
||||||
|
@ -105,7 +108,6 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
$this->set_pagination_args( array(
|
$this->set_pagination_args( array(
|
||||||
'total_items' => $api->info['results'],
|
'total_items' => $api->info['results'],
|
||||||
'per_page' => $per_page,
|
'per_page' => $per_page,
|
||||||
'infinite_scroll' => true,
|
|
||||||
) );
|
) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -126,7 +128,12 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
return $display_tabs;
|
return $display_tabs;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function get_columns() {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
function display() {
|
function display() {
|
||||||
|
|
||||||
wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
|
wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
|
||||||
?>
|
?>
|
||||||
<div class="tablenav top themes">
|
<div class="tablenav top themes">
|
||||||
|
@ -142,8 +149,12 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
<?php $this->display_rows_or_placeholder(); ?>
|
<?php $this->display_rows_or_placeholder(); ?>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php
|
<div class="tablenav bottom themes">
|
||||||
parent::tablenav( 'bottom' );
|
<?php $this->pagination( 'bottom' ); ?>
|
||||||
|
<img src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" class="ajax-loading list-ajax-loading" alt="" />
|
||||||
|
<br class="clear" />
|
||||||
|
</div>
|
||||||
|
<?php
|
||||||
}
|
}
|
||||||
|
|
||||||
function display_rows() {
|
function display_rows() {
|
||||||
|
@ -159,18 +170,4 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
|
||||||
?></div>
|
?></div>
|
||||||
<?php } // end foreach $theme_names
|
<?php } // end foreach $theme_names
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Send required variables to JavaScript land
|
|
||||||
*
|
|
||||||
* @since 3.4
|
|
||||||
* @access private
|
|
||||||
*
|
|
||||||
* @uses $tab Global; current tab within Themes->Install screen
|
|
||||||
* @uses $type Global; type of search.
|
|
||||||
*/
|
|
||||||
function _js_vars() {
|
|
||||||
global $tab, $type;
|
|
||||||
parent::_js_vars( compact( $tab, $type ) );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
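Review bot: In the `features` branch of the search hunk, `$_REQUEST['features']` goes straight into `array_map( 'trim', $terms )` with no check that it is a flat array of strings. A scalar `features=x` or a nested `features[][]=x` in the request would therefore raise PHP errors, and a non-array `$terms` could reach `implode()` and `themes_api()`. Normalise it first, for example `$terms = array_filter( (array) $_REQUEST['features'], 'is_string' );`, before the `trim` and `sanitize_key` maps. The `tag` case in the same hunk also drops the old `array_filter`/`array_unique`, so input such as `a,,b` now sends empty or duplicate tags; `$terms = array_unique( array_filter( $terms ) );` after the `sanitize_key` map would restore that. `prepare_items()` begins in the first hunk and continues past the lines shown here.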