[wp-trac] [WordPress Trac] #35493: get_terms does not return correct value when a term is searched by a name containing a single quote
WordPress Trac
noreply at wordpress.org
Tue Jan 19 04:09:34 UTC 2016
#35493: get_terms does not return correct value when a term is searched by a name
containing a single quote
---------------------------+---------------------------
Reporter: maximeschoeni | Owner: boonebgorges
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.5
Component: Taxonomy | Version: 4.3
Severity: normal | Resolution: fixed
Keywords: | Focuses:
---------------------------+---------------------------
Changes (by boonebgorges):
* owner: => boonebgorges
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"36348"]:
{{{
#!CommitTicketReference repository="" revision="36348"
Don't double-escape the 'name' param in `get_terms()`.
[32353] changed the way the 'name' param in `get_terms()` is sanitized, by
running it through `sanitize_term_field( 'name' )` before performing the
SQL
query. An unintentional side effect of this change was that the string is
double-escaped: once by `wp_filter_kses()`, and once by `esc_sql()`. The
double-escaping was causing 'name' queries to fail when the param
contained
apostrophes or other escaped characters.
Fixes #35493.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35493#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list