WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Don't double-escape `terms` payload in `WP_Tax_Query::transform_query()`. 

`terms` values are passed through `sanitize_term_field()` with the 'db'
flag, which add slashes. Because `terms` are subsequently run through
`esc_sql()`, these slashes must be removed. See [36348], which added
a similar step to sanitization in `get_terms()`.

Props bcworkz.
Fixes #39315.
Built from https://develop.svn.wordpress.org/trunk@39662


git-svn-id: http://core.svn.wordpress.org/trunk@39602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Boone Gorges 2017-01-02 19:40:19 +00:00
parent 66551de94c
commit 5fc3bbbfd2
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
wp-includes/class-wp-tax-query.php
View File

@ -623,7 +623,12 @@ class WP_Tax_Query {
* matter because `sanitize_term_field()` ignores the $term_id param when the * matter because `sanitize_term_field()` ignores the $term_id param when the
* context is 'db'. * context is 'db'.
*/ */
$term = "'" . esc_sql( sanitize_term_field( $query['field'], $term, 0, $query['taxonomy'], 'db' ) ) . "'"; $clean_term = sanitize_term_field( $query['field'], $term, 0, $query['taxonomy'], 'db' );
// Match sanitization in wp_insert_term().
$clean_term = wp_unslash( $clean_term );
$term = "'" . esc_sql( $clean_term ) . "'";
} }
$terms = implode( ",", $query['terms'] ); $terms = implode( ",", $query['terms'] );

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.8-alpha-39660'; $wp_version = '4.8-alpha-39662';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.