Fix gallery shortcode orderby param for all SQL setups. Sanitize orderby. fixes #6476 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@7592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
9a15c3a960
commit
6a41b549d0
@ -366,6 +366,15 @@ function sanitize_title_with_dashes($title) {
|
||||||
return $title;
|
return $title;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ensures a string is a valid SQL order by clause like: post_name ASC, ID DESC
|
||||||
|
// accepts one or more columns, with or without ASC/DESC, and also accepts RAND()
|
||||||
|
function sanitize_sql_orderby( $orderby ){
|
||||||
|
preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?(\s*,\s*|\s*$))+|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);
|
||||||
|
if ( !$obmatches )
|
||||||
|
return false;
|
||||||
|
return $orderby;
|
||||||
|
}
|
||||||
|
|
||||||
function convert_chars($content, $deprecated = '') {
|
function convert_chars($content, $deprecated = '') {
|
||||||
// Translation of invalid Unicode references range to valid range
|
// Translation of invalid Unicode references range to valid range
|
||||||
$wp_htmltranswinuni = array(
|
$wp_htmltranswinuni = array(
|
||||||
|
|
|
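Review bot: The first alternative of the regex in sanitize_sql_orderby() has no end anchor: the `,` branch ends a repetition and the whole pattern is then satisfied, so any string that begins with `col,` passes — `preg_match()` matches only the prefix `menu_order, ` of `menu_order, (SELECT ...)` and the full untouched `$orderby` is returned to the caller. Adding `$` after the repeated group and requiring an identifier after each comma closes that hole and also rejects a trailing comma: `preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?\s*(,\s*(?=[a-z0-9_])|$))+$|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);`. Even then this remains a syntax check — any identifier-shaped token is accepted, not only real column names — so the header comment should say so, e.g. `// syntax check only: column names are not verified against the table`.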
@ -340,6 +340,13 @@ function gallery_shortcode($attr) {
|
||||||
if ( $output != '' )
|
if ( $output != '' )
|
||||||
return $output;
|
return $output;
|
||||||
|
|
||||||
|
// We're trusting author input, so let's at least make sure it looks like a valid orderby statement
|
||||||
|
if ( isset( $attr['orderby'] ) ) {
|
||||||
|
$attr['orderby'] = sanitize_sql_orderby( $attr['orderby'] );
|
||||||
|
if ( !$attr['orderby'] )
|
||||||
|
unset( $attr['orderby'] );
|
||||||
|
}
|
||||||
|
|
||||||
extract(shortcode_atts(array(
|
extract(shortcode_atts(array(
|
||||||
'orderby' => 'menu_order ASC, ID ASC',
|
'orderby' => 'menu_order ASC, ID ASC',
|
||||||
'id' => $post->ID,
|
'id' => $post->ID,
|
||||||
|
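Review bot: The comment `// We're trusting author input, so let's at least make sure it looks like a valid orderby statement` leaves out the two facts a maintainer needs at this spot: sanitize_sql_orderby() accepts any identifier-shaped token, so an unknown column is not caught here and only the shape of the clause is checked, and on failure the `unset()` silently falls back to the `'menu_order ASC, ID ASC'` default supplied to shortcode_atts() a few lines below. I would make both explicit, e.g. `// Author-supplied orderby: accept only identifier[ ASC|DESC][, ...] or RAND(). Column existence is not verified, and an invalid value silently falls back to the default below.`. gallery_shortcode() starts before this hunk.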
@ -351,8 +358,7 @@ function gallery_shortcode($attr) {
|
||||||
), $attr));
|
), $attr));
|
||||||
|
|
||||||
$id = intval($id);
|
$id = intval($id);
|
||||||
$orderby = addslashes($orderby);
|
$attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby={$orderby}");
|
||||||
$attachments = get_children("post_parent=$id&post_type=attachment&post_mime_type=image&orderby=\"{$orderby}\"");
|
|
||||||
|
|
||||||
if ( empty($attachments) )
|
if ( empty($attachments) )
|
||||||
return '';
|
return '';
|
||||||
|
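Review bot: With `addslashes()` removed and the surrounding `\"…\"` dropped, `$orderby` is now interpolated literally into the get_children() query string and, presumably, from there into the ORDER BY clause, so this line is safe only while the sanitize_sql_orderby() step earlier in the function stays in place and keeps rejecting quotes, backslashes, `&` and `=`. That dependency is invisible at this line; a comment would keep a later change from loosening the check or re-adding escaping that breaks the unquoted form, e.g. `// $orderby is either the trusted default or has passed sanitize_sql_orderby() above; it is inserted unescaped on purpose.`. gallery_shortcode() continues outside this hunk.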
@ -426,7 +432,7 @@ function next_image_link() {
|
||||||
function adjacent_image_link($prev = true) {
|
function adjacent_image_link($prev = true) {
|
||||||
global $post;
|
global $post;
|
||||||
$post = get_post($post);
|
$post = get_post($post);
|
||||||
$attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=\"menu_order ASC, ID ASC\""));
|
$attachments = array_values(get_children("post_parent=$post->post_parent&post_type=attachment&post_mime_type=image&orderby=menu_order ASC, ID ASC"));
|
||||||
|
|
||||||
foreach ( $attachments as $k => $attachment )
|
foreach ( $attachments as $k => $attachment )
|
||||||
if ( $attachment->ID == $post->ID )
|
if ( $attachment->ID == $post->ID )
|
||||||
|
|
|
@ -460,6 +460,10 @@ function get_posts($args) {
|
||||||
if (!empty($exclusions))
|
if (!empty($exclusions))
|
||||||
$exclusions .= ')';
|
$exclusions .= ')';
|
||||||
|
|
||||||
|
// orderby
|
||||||
|
if ( preg_match( '/.+ +(ASC|DESC)/i', $orderby ) )
|
||||||
|
$order = ''; // orderby has its own order, so we'll use that
|
||||||
|
|
||||||
$query = "SELECT DISTINCT * FROM $wpdb->posts ";
|
$query = "SELECT DISTINCT * FROM $wpdb->posts ";
|
||||||
$query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy ";
|
$query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy ";
|
||||||
$query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";
|
$query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";
|
||||||
|
|
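Review bot: The added check only decides whether `$order` is appended; nothing in this hunk validates `$orderby` itself, even though the same commit introduces sanitize_sql_orderby() for exactly that purpose, so a caller-supplied orderby still reaches the ORDER BY assembled after this hunk unchecked. I would pass it through the new helper here and, when it returns false, reset `$orderby` to the default from the argument defaults above the hunk (that default is not visible here, so I cannot quote it). The pattern `/.+ +(ASC|DESC)/i` also fires on a direction keyword that is merely a prefix of a longer token, e.g. `post_date descending`, which then reaches SQL unchanged with `$order` cleared; a word boundary, `/\s+(ASC|DESC)\b/i`, is tighter. get_posts() starts and ends outside this hunk.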