[wp-trac] [WordPress Trac] #18366: Sanitize order and orderby in get_terms() breaks my plugin...

WordPress Trac wp-trac at lists.automattic.com
Wed Aug 10 08:31:52 UTC 2011


#18366: Sanitize order and orderby in get_terms() breaks my plugin...
---------------------------+------------------------------
 Reporter:  jameslafferty  |       Owner:
     Type:  defect (bug)   |      Status:  new
 Priority:  normal         |   Milestone:  Awaiting Review
Component:  Taxonomy       |     Version:  3.2
 Severity:  normal         |  Resolution:
 Keywords:                 |
---------------------------+------------------------------

Old description:

> And generally reduces possibilities for extending the taxonomy model. My
> plugin "Term Menu Order" (http://wordpress.org/extend/plugins/term-menu-order/)
> allowed manual ordering of terms, which isn't possible given the
> method of sanitizing the order and orderby clauses. I totally get the
> potential security concerns -- maybe there's a way to sanitize the inputs
> that's a bit less draconian, though? The relevant changeset is 18344.

New description:

 And generally reduces possibilities for extending the taxonomy model. My
 plugin "Term Menu Order" (http://wordpress.org/extend/plugins/term-menu-order/)
 allowed manual ordering of terms, which isn't possible given the
 method of sanitizing the order and orderby clauses. I totally get the
 potential security concerns -- maybe there's a way to sanitize the inputs
 that's a bit less draconian, though? The relevant changeset is r18344.

--

Comment (by ocean90):

 Changeset linked.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/18366#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

