WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Don't allow private query vars in url_to_postid 

git-svn-id: http://svn.automattic.com/wordpress/branches/2.2@5926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2007-08-23 16:10:43 +00:00
parent 4b9fb9ed0c
commit f80a41e447
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-includes/query.php
View File

@ -606,6 +606,12 @@ class WP_Query {
} }
} }
if ( !empty($qv['post_type']) )
$qv['post_type'] = sanitize_user($qv['post_type'], true);
if ( !empty($qv['post_status']) )
$qv['post_status'] = sanitize_user($qv['post_status'], true);
if ( $this->is_posts_page && !$qv['withcomments'] ) if ( $this->is_posts_page && !$qv['withcomments'] )
$this->is_comment_feed = false; $this->is_comment_feed = false;

9
wp-includes/rewrite.php
View File

@ -135,6 +135,15 @@ function url_to_postid($url) {
// Substitute the substring matches into the query. // Substitute the substring matches into the query.
eval("\$query = \"$query\";"); eval("\$query = \"$query\";");
// Filter out non-public query vars
global $wp;
parse_str($query, $query_vars);
$query = array();
foreach ( $query_vars as $key => $value ) {
if ( in_array($key, $wp->public_query_vars) )
$query[$key] = $value;
}
// Do the query
$query = new WP_Query($query); $query = new WP_Query($query);
if ( $query->is_single || $query->is_page ) if ( $query->is_single || $query->is_page )
return $query->post->ID; return $query->post->ID;