[wp-trac] [WordPress Trac] #35493: get_terms does not return correct value when a term is searched by a name containing a single quote
WordPress Trac
noreply at wordpress.org
Sun Jan 17 14:52:23 UTC 2016
#35493: get_terms does not return correct value when a term is searched by a name
containing a single quote
---------------------------+-----------------------------
Reporter: maximeschoeni | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Taxonomy | Version: 4.4.1
Severity: normal | Keywords:
Focuses: |
---------------------------+-----------------------------
get_terms() function does not return correct value when a term is searched
by a name containing a single quote ('). Apparently the terms name get
escaped twice.
To reproduce it, first add one tag with name containing ', like ''Chef
d'oeuvre'', then use this function:
{{{
$name = "Chef d'oeuvre";
$terms = get_terms('post_tag', array(
'name' => $name,
'hide_empty' => false
));
var_dump($terms); // array(0) { }
}}}
I think the problem lies in /wp-includes/taxonomy.php, lines 1296-1301
(https://core.trac.wordpress.org/browser/tags/4.4/src/wp-
includes/taxonomy.php#L1296):
{{{
$names = (array) $args['name'];
var_dump($names); // array(1) { [0]=> string(13) "Chef d'oeuvre" }
foreach ( $names as &$_name ) {
$_name = sanitize_term_field( 'name', $_name, 0, reset( $taxonomies
), 'db' );
}
var_dump($names); // array(1) { [0]=> &string(14) "Chef d\'oeuvre" }
$where .= " AND t.name IN ('" . implode( "', '", array_map( 'esc_sql',
$names ) ) . "')";
var_dump($where ); // "tt.taxonomy IN ('post_tag') AND t.name IN ('Chef
d\\\'oeuvre')"
}}}
I'd suggest to just remove the last esc_sql formatting, but I am not sure
if it may lead to other problems.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35493>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list