Changeset 5926

Timestamp:

08/23/07 16:10:43 (1 year ago)

Author:

ryan

Message:

Don't allow private query vars in url_to_postid

Files:

• branches/2.2/wp-includes/query.php (modified) (1 diff)
• branches/2.2/wp-includes/rewrite.php (modified) (1 diff)

branches/2.2/wp-includes/query.php

@@ -607 +607 @@
-        }
-
+        if ( !empty($qv['post_type']) )
+            $qv['post_type'] = sanitize_user($qv['post_type'], true);
+
+        if ( !empty($qv['post_status']) )
+            $qv['post_status'] = sanitize_user($qv['post_status'], true);
+
-        if ( $this->is_posts_page && !$qv['withcomments'] )
-            $this->is_comment_feed = false;

branches/2.2/wp-includes/rewrite.php

@@ -136 +136 @@
-            // Substitute the substring matches into the query.
-            eval("\$query = \"$query\";");
+            // Filter out non-public query vars
+            global $wp;
+            parse_str($query, $query_vars);
+            $query = array();
+            foreach ( $query_vars as $key => $value ) {
+                if ( in_array($key, $wp->public_query_vars) )
+                    $query[$key] = $value;
+            }
+            // Do the query
-            $query = new WP_Query($query);
-            if ( $query->is_single || $query->is_page )