[wp-trac] [WordPress Trac] #7423: in WP_Query,
sanitization breaks usage of multiple post_type or post_status
values
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 28 21:46:51 GMT 2008
#7423: in WP_Query, sanitization breaks usage of multiple post_type or post_status
values
-------------------------+--------------------------------------------------
Reporter: markjaquith | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.7
Component: General | Version: 2.6
Severity: normal | Keywords:
-------------------------+--------------------------------------------------
I was trying to get WP_Query to give me all draft OR future posts by other
authors, but found that it would not accept comma-separated post_status
values. Turns out we're using {{{sanitize_user()}}} on the query values
of post_type and post_status which breaks that functionality. We need to
allow commas so that WP_Query can process {{{post_status=draft,future}}}
Switching that {{{sanitize_user()}}} line to a {{{[^a-z0-9,_-]
preg_replace()}}} sanitization line allowed my WP_Query call to work as
intended.
--
Ticket URL: <http://trac.wordpress.org/ticket/7423>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list