Use sanitize_key() instead of esc_sql() when 'escaping' variable DB field names. see #21767.
git-svn-id: http://core.svn.wordpress.org/trunk@24714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
8d65dc2469
commit
4fd4d4452f
@ -40,7 +40,7 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique =
|
|||||||
|
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$column = esc_sql($meta_type . '_id');
|
$column = sanitize_key($meta_type . '_id');
|
||||||
|
|
||||||
// expected_slashed ($meta_key)
|
// expected_slashed ($meta_key)
|
||||||
$meta_key = wp_unslash($meta_key);
|
$meta_key = wp_unslash($meta_key);
|
||||||
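Review bot: The new `$column = sanitize_key($meta_type . '_id');` line needs a why-comment, otherwise the next maintainer may "restore" esc_sql() here: esc_sql() only escapes quote characters, which does nothing for a column name that is interpolated unquoted into the query, whereas sanitize_key() reduces the name to an identifier-safe character set. Suggested comment above the line: `// $column is an identifier, not a value: esc_sql() would not protect it; sanitize_key() restricts it to [a-z0-9_-].` Note that sanitize_key() also lowercases its input (not visible in this hunk), which is harmless for MySQL column names but means `$column` need not equal `$meta_type . '_id'` byte-for-byte. add_metadata() begins before this hunk, so whether `$meta_type` was already gated by _get_meta_table() as in the sibling functions cannot be confirmed from here.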
@ -110,7 +110,7 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
|
|||||||
|
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$column = esc_sql($meta_type . '_id');
|
$column = sanitize_key($meta_type . '_id');
|
||||||
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
||||||
|
|
||||||
// expected_slashed ($meta_key)
|
// expected_slashed ($meta_key)
|
||||||
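Review bot: sanitize_key() permits a hyphen as far as I recall, and a hyphen is not valid in an unquoted MySQL identifier, so a `$meta_type` containing one would yield a `foo-bar_id` column on the new line and a query error rather than a clean rejection. Since `$meta_type` is presumably already gated by _get_meta_table() earlier in update_metadata() (outside this hunk), this is a robustness rather than an injection concern, but the intent would be clearer as an explicit identifier check, e.g. `if ( ! preg_match( '/^[a-z0-9_]+$/', $column ) ) return false;` right after the assignment. The `$id_column` line below already shows the stronger pattern of picking the column from literals per meta type.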
@ -193,7 +193,7 @@ function delete_metadata($meta_type, $object_id, $meta_key, $meta_value = '', $d
|
|||||||
|
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$type_column = esc_sql($meta_type . '_id');
|
$type_column = sanitize_key($meta_type . '_id');
|
||||||
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
||||||
// expected_slashed ($meta_key)
|
// expected_slashed ($meta_key)
|
||||||
$meta_key = wp_unslash($meta_key);
|
$meta_key = wp_unslash($meta_key);
|
||||||
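Review bot: Style: delete_metadata() names the object-id column `$type_column` on the new `sanitize_key()` line, while add_metadata(), update_metadata() and the *_by_mid() functions changed in the same commit call the identical expression `$column`. Renaming to `$column` here would keep the five sibling functions grep-consistent, but its remaining uses are in the part of delete_metadata() that lies outside this hunk, so the rename touches lines not shown. At minimum a short comment on the line, `// object-id column name, kept identifier-safe by sanitize_key()`, would explain why it is not esc_sql()'d like the values below.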
@ -397,7 +397,7 @@ function update_metadata_by_mid( $meta_type, $meta_id, $meta_value, $meta_key =
|
|||||||
if ( ! $table = _get_meta_table( $meta_type ) )
|
if ( ! $table = _get_meta_table( $meta_type ) )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$column = esc_sql($meta_type . '_id');
|
$column = sanitize_key($meta_type . '_id');
|
||||||
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
||||||
|
|
||||||
// Fetch the meta and go on if it's found.
|
// Fetch the meta and go on if it's found.
|
||||||
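Review bot: The `_get_meta_table()` guard at the top of the hunk already rejects unknown meta types, so the new `sanitize_key($meta_type . '_id')` is defence in depth rather than the primary check, and that relationship should be documented so neither line is later removed as redundant. Suggested comment above the assignment: `// $meta_type already passed _get_meta_table(); sanitize_key() additionally guarantees $column is a clean identifier, since it is used unquoted as a column name.` Where `$column` is actually interpolated is outside this hunk, so that last clause should be confirmed against the rest of update_metadata_by_mid().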
@ -478,7 +478,7 @@ function delete_metadata_by_mid( $meta_type, $meta_id ) {
|
|||||||
return false;
|
return false;
|
||||||
|
|
||||||
// object and id columns
|
// object and id columns
|
||||||
$column = esc_sql($meta_type . '_id');
|
$column = sanitize_key($meta_type . '_id');
|
||||||
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
|
||||||
|
|
||||||
// Fetch the meta and go on if it's found.
|
// Fetch the meta and go on if it's found.
|
||||||
@ -528,7 +528,7 @@ function update_meta_cache($meta_type, $object_ids) {
|
|||||||
if ( ! $table = _get_meta_table($meta_type) )
|
if ( ! $table = _get_meta_table($meta_type) )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$column = esc_sql($meta_type . '_id');
|
$column = sanitize_key($meta_type . '_id');
|
||||||
|
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
@ -706,7 +706,7 @@ class WP_Meta_Query {
|
|||||||
if ( ! $meta_table = _get_meta_table( $type ) )
|
if ( ! $meta_table = _get_meta_table( $type ) )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$meta_id_column = esc_sql( $type . '_id' );
|
$meta_id_column = sanitize_key( $type . '_id' );
|
||||||
|
|
||||||
$join = array();
|
$join = array();
|
||||||
$where = array();
|
$where = array();
|
||||||
|
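Review bot: `$meta_id_column` on the new line is derived from the caller-supplied `$type`, and in WordPress sanitize_key() passes its result through a `sanitize_key` filter (not visible here — confirm against formatting.php), so the identifier guarantee holds only as long as no plugin callback on that filter returns characters outside the safe set. Because `_get_meta_table( $type )` at the top of the hunk already fixes the set of acceptable types, deriving the column from that known set (or checking `$meta_id_column` against it) would not depend on the filter at all. The column is presumably used in the `$join` clauses built later in get_sql(), which are outside this hunk.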
@ -791,7 +791,7 @@ class WP_Tax_Query {
|
|||||||
if ( $query['field'] == $resulting_field )
|
if ( $query['field'] == $resulting_field )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
$resulting_field = esc_sql( $resulting_field );
|
$resulting_field = sanitize_key( $resulting_field );
|
||||||
|
|
||||||
switch ( $query['field'] ) {
|
switch ( $query['field'] ) {
|
||||||
case 'slug':
|
case 'slug':
|
||||||
|
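Review bot: If `$resulting_field` in WP_Tax_Query::transform_query() only ever takes the values `term_id` and `term_taxonomy_id` (the switch below dispatches on `$query['field']`, not on `$resulting_field`, so confirm against the callers), a strict allowlist would express the contract better than the character filter on the new line: `if ( ! in_array( $resulting_field, array( 'term_id', 'term_taxonomy_id' ), true ) ) return;`. Also note the `==` short-circuit on the first line of the hunk compares the raw, unsanitized `$resulting_field`, while everything after uses the sanitized one; a comment such as `// column name, not a value: restrict to identifier characters before it reaches SQL` would help. The rest of transform_query() lies outside this hunk.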
@ -393,7 +393,7 @@ class WP_User_Query {
|
|||||||
|
|
||||||
$this->query_fields = array();
|
$this->query_fields = array();
|
||||||
foreach ( $qv['fields'] as $field )
|
foreach ( $qv['fields'] as $field )
|
||||||
$this->query_fields[] = $wpdb->users . '.' . esc_sql( $field );
|
$this->query_fields[] = $wpdb->users . '.' . sanitize_key( $field );
|
||||||
$this->query_fields = implode( ',', $this->query_fields );
|
$this->query_fields = implode( ',', $this->query_fields );
|
||||||
} elseif ( 'all' == $qv['fields'] ) {
|
} elseif ( 'all' == $qv['fields'] ) {
|
||||||
$this->query_fields = "$wpdb->users.*";
|
$this->query_fields = "$wpdb->users.*";
|
||||||
|
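Review bot: sanitize_key() lowercases its input (not shown in this hunk), so a caller passing `'fields' => array( 'ID', 'user_login' )` now selects `wp_users.id`; MySQL resolves the column case-insensitively, but the key on the returned row objects changes from `ID` to `id`, which is a behaviour change for consumers of WP_User_Query results that esc_sql() did not cause. Preserving the canonical spelling is a one-line change: `$this->query_fields[] = $wpdb->users . '.' . ( 'ID' === $field ? 'ID' : sanitize_key( $field ) );`. Since `$qv['fields']` comes from the query vars, comparing each field against the known users-table columns would be a stronger guard than a character filter, if that list is available at this point; prepare_query() continues outside this hunk.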