[wp-trac] [WordPress Trac] #18366: Sanitize order and orderby in get_terms() breaks my plugin...
WordPress Trac
wp-trac at lists.automattic.com
Wed Aug 10 14:37:57 UTC 2011
#18366: Sanitize order and orderby in get_terms() breaks my plugin...
-------------------------------+------------------------------
Reporter: jameslafferty | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Taxonomy | Version: 3.2
Severity: normal | Resolution:
Keywords: reporter-feedback |
-------------------------------+------------------------------
Comment (by jameslafferty):
Replying to [comment:3 SergeyBiryukov]:
> Seems like it's still possible to set `orderby` using
`get_terms_orderby` filter. What exactly is broken here?
The issue is that whereas previously I could get_terms(... orderby =>
'menu_order' ...) when the plugin was installed, I no longer can. Using
the filter in this case makes for more awkward, less intuitive code even
in the simplest scenario, and, if I want to vary orderby over several
different get_terms calls within a theme, I need to get even more
"creative".
It's also not totally clear to me what we gain by comparing against the
whitelist if we then allow the sanitized orderby to be straight
overwritten with the filter. Likely, I'm missing something here, but
wouldn't it be better to sanitize orderby further down? In which case,
couldn't we do that sanity check in place of the final else clause?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/18366#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list