WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use array keys instead of hard coded list when traversing post fields to sanitize. Props andy. fixes #5836 

git-svn-id: http://svn.automattic.com/wordpress/trunk@6803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-02-13 06:49:23 +00:00
parent f6cfa549fb
commit 7aa24fb904
1 changed files with 3 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-includes/post.php
View File

@ -696,23 +696,15 @@ function get_post_custom_values( $key = '', $post_id = 0 ) {
}
function sanitize_post($post, $context = 'display') {
if ( 'raw' == $context )
return $post;
// TODO: Use array keys instead of hard coded list
$fields = array('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_date', 'post_date_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'post_category');
$do_object = false;
if ( is_object($post) )
$do_object = true;
foreach ( $fields as $field ) {
if ( $do_object )
foreach ( array_keys(get_object_vars($post)) as $field )
$post->$field = sanitize_post_field($field, $post->$field, $post->ID, $context);
else
foreach ( array_keys($post) as $field )
$post[$field] = sanitize_post_field($field, $post[$field], $post['ID'], $context);
}
return $post;
}