WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

The `gallery` shortcode used to accept a SQL chunk for the value of the `orderby` attribute. The reason? `get_posts()` used to be called in the shortcode handler with a query-string blob of arguments passed to it. To mitigate breakage, `sanitize_sql_orderby()` was created in [7592]. 

`sanitize_sql_orderby()` expects a comma to be present when multiple `orderby` values were passed. The correct syntax for multiple fields is space-delimited. Since [29027], comma-separated values would never be parsed correctly when passed to `WP_Query->parse_orderby()`.

`sanitize_sql_orderby()` is used nowhere else in core, save for the `playlist` shortcode - I only added it there because I was mimic'ing the `gallery` logic. The function call can be removed from both shortcode handlers.
 
See #6476.
Fixes #23873.

Built from https://develop.svn.wordpress.org/trunk@30068


git-svn-id: http://core.svn.wordpress.org/trunk@30068 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Scott Taylor 2014-10-28 20:43:22 +00:00
parent e4289bb37e
commit 5d17d2bd28
2 changed files with 2 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
wp-includes/media.php
View File

@ -938,14 +938,6 @@ function gallery_shortcode( $attr ) {
return $output; return $output;
} }
// We're trusting author input, so let's at least make sure it looks like a valid orderby statement
if ( isset( $attr['orderby'] ) ) {
$attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
if ( ! $attr['orderby'] ) {
unset( $attr['orderby'] );
}
}
$html5 = current_theme_supports( 'html5', 'gallery' ); $html5 = current_theme_supports( 'html5', 'gallery' );
$atts = shortcode_atts( array( $atts = shortcode_atts( array(
'order' => 'ASC', 'order' => 'ASC',
@ -1056,7 +1048,7 @@ function gallery_shortcode( $attr ) {
$i = 0; $i = 0;
foreach ( $attachments as $id => $attachment ) { foreach ( $attachments as $id => $attachment ) {
$attr = ( trim( $attachment->post_excerpt ) ) ? array( 'aria-describedby' => "$selector-$id" ) : ''; $attr = ( trim( $attachment->post_excerpt ) ) ? array( 'aria-describedby' => "$selector-$id" ) : '';
if ( ! empty( $atts['link'] ) && 'file' === $atts['link'] ) { if ( ! empty( $atts['link'] ) && 'file' === $atts['link'] ) {
$image_output = wp_get_attachment_link( $id, $atts['size'], false, false, $attr ); $image_output = wp_get_attachment_link( $id, $atts['size'], false, false, $attr );
@ -1220,16 +1212,6 @@ function wp_playlist_shortcode( $attr ) {
return $output; return $output;
} }
/*
* We're trusting author input, so let's at least make sure it looks
* like a valid orderby statement.
*/
if ( isset( $attr['orderby'] ) ) {
$attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
if ( ! $attr['orderby'] )
unset( $attr['orderby'] );
}
$atts = shortcode_atts( array( $atts = shortcode_atts( array(
'type' => 'audio', 'type' => 'audio',
'order' => 'ASC', 'order' => 'ASC',

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.1-alpha-30067'; $wp_version = '4.1-alpha-30068';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.