vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-03-25 07:44:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Don't allow private query vars in url_to_postid

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@5925 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren
2007-08-23 16:09:37 +00:00
parent de6855386a
commit ca4e75cb57
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wp-includes/query.php
View File

@@ -657,6 +657,12 @@ class WP_Query {
}
}
if ( !empty($qv['post_type']) )
$qv['post_type'] = sanitize_user($qv['post_type'], true);
if ( !empty($qv['post_status']) )
$qv['post_status'] = sanitize_user($qv['post_status'], true);
if ( $this->is_posts_page && !$qv['withcomments'] )
$this->is_comment_feed = false;