[wp-trac] [WordPress Trac] #44779: WP_Term_Query 'search' arg escaping
WordPress Trac
noreply at wordpress.org
Sun Aug 12 00:12:15 UTC 2018
#44779: WP_Term_Query 'search' arg escaping
-------------------------------+------------------------------
Reporter: stephansamuel | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Taxonomy | Version: 4.9.8
Severity: normal | Resolution:
Keywords: reporter-feedback | Focuses:
-------------------------------+------------------------------
Changes (by boonebgorges):
* keywords: => reporter-feedback
Comment:
Hi @stephansamuel - Welcome to WordPress Trac, and thanks for the report.
The `%` escaping that you see on the `WP_Term_Query` `request` property is
expected behavior. The hexadecimal hashes you see are swapped out for
proper `%` characters at the time that `$wpdb->query()` is run. This is a
security precaution. See https://make.wordpress.org/core/2017/10/31
/changed-behaviour-of-esc_sql-in-wordpress-4-8-3/ and linked tickets for
more details. If something is wrong, it's probably not related to the
placeholder juggling.
I've attached an automated test that passes, and demonstrates that the
core `'search'` functionality is working as expected. If there's a problem
on your installation, it's likely due to a plugin conflict - check for
those that filter term queries - or because your `$searchterm` does not,
in fact, match anything. See if you can reproduce the problem on a clean
WP installation, which should help you narrow down the source of the
problem.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44779#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list