Be stricter about sanitizing values coming out of `WP_Term`.

Data passed into `get_instance()` should be run through `sanitize_term()`
before being used.

See #34262.
Built from https://develop.svn.wordpress.org/trunk@35031


git-svn-id: http://core.svn.wordpress.org/trunk@34996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Boone Gorges 2015-10-12 15:13:24 +00:00
parent 2e4877d80c
commit 6912d6fe64
2 changed files with 5 additions and 7 deletions

View File

@ -139,7 +139,10 @@ final class WP_Term {
wp_cache_add( $term_id, $_term, 'terms' );
}
return new WP_Term( $_term );
$term_obj = new WP_Term( $_term );
$term_obj->filter( $term_obj->filter );
return $term_obj;
}
/**
@ -165,11 +168,6 @@ final class WP_Term {
* @param string $filter Filter context. Accepts 'edit', 'db', 'display', 'attribute', 'js', 'raw'.
*/
public function filter( $filter ) {
// Term has already been filtered - nothing more to do.
if ( isset( $this->filter ) && $this->filter === $filter ) {
return;
}
sanitize_term( $this, $this->taxonomy, $filter );
}

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.4-alpha-35030';
$wp_version = '4.4-alpha-35031';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.