Skip to content

Commit 8538429

Browse files
committed
Query: Ensure that queries work correctly with post type names with special characters.
Built from https://develop.svn.wordpress.org/trunk@39952 git-svn-id: http://core.svn.wordpress.org/trunk@39889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
1 parent a44f8db commit 8538429

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

Diff for: wp-includes/class-wp-query.php

+3-3
Original file line numberDiff line numberDiff line change
@@ -2257,12 +2257,12 @@ public function get_posts() {
22572257
if ( empty( $in_search_post_types ) ) {
22582258
$where .= ' AND 1=0 ';
22592259
} else {
2260-
$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $in_search_post_types ) . "')";
2260+
$where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')";
22612261
}
22622262
} elseif ( !empty( $post_type ) && is_array( $post_type ) ) {
2263-
$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $post_type) . "')";
2263+
$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", esc_sql( $post_type ) ) . "')";
22642264
} elseif ( ! empty( $post_type ) ) {
2265-
$where .= " AND {$wpdb->posts}.post_type = '$post_type'";
2265+
$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type );
22662266
$post_type_object = get_post_type_object ( $post_type );
22672267
} elseif ( $this->is_attachment ) {
22682268
$where .= " AND {$wpdb->posts}.post_type = 'attachment'";

Diff for: wp-includes/version.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
*
55
* @global string $wp_version
66
*/
7-
$wp_version = '4.8-alpha-39951';
7+
$wp_version = '4.8-alpha-39952';
88

99
/**
1010
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

0 commit comments

Comments
 (0)