[wp-trac] [WordPress Trac] #32937: $wp_query->parse_orderby() allows incorrect keys to go through(edge case)
WordPress Trac
noreply at wordpress.org
Sat Sep 12 21:05:16 UTC 2015
#32937: $wp_query->parse_orderby() allows incorrect keys to go through(edge case)
--------------------------+---------------------------
Reporter: nikolov.tmw | Owner: boonebgorges
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.4
Component: Query | Version:
Severity: normal | Resolution: fixed
Keywords: | Focuses:
--------------------------+---------------------------
Changes (by boonebgorges):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"34090"]:
{{{
#!CommitTicketReference repository="" revision="34090"
Use stricter sanitization for meta query clause keys.
By forcing all clause keys to be strings, we make it possible to use
strict
comparison when validating values of 'orderby' as passed to `WP_Query`.
This
eliminates situations where the presence of numeric clause keys could
result
in an improperly validated 'orderby' value.
Props nikolov.tmw.
Fixes #32937.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32937#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list