diff options
| author | Andrew Nacin <nacin@git.wordpress.org> | 2012-09-05 01:25:47 +0000 |
|---|---|---|
| committer | Andrew Nacin <nacin@git.wordpress.org> | 2012-09-05 01:25:47 +0000 |
| commit | 691a94c1b4f12618a1be3ffb0b3712a4d85f3f28 (patch) | |
| tree | 46960db8307ec3641cadb3caf3669cfd810d6297 | |
| parent | d07d89fd1f8f55e0af8f3530330659db70f228a8 (diff) | |
| download | wordpress-691a94c1b4f12618a1be3ffb0b3712a4d85f3f28.tar.gz wordpress-691a94c1b4f12618a1be3ffb0b3712a4d85f3f28.zip | |
Validate $order in wp_get_object_terms(). props duck_. for 3.4.
git-svn-id: https://develop.svn.wordpress.org/branches/3.4@21759 602fd350-edb4-49c9-b593-d223f7449a82
| -rw-r--r-- | wp-includes/taxonomy.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php index 8ea976ffac..514574e25d 100644 --- a/wp-includes/taxonomy.php +++ b/wp-includes/taxonomy.php @@ -1926,6 +1926,10 @@ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) { if ( !empty($orderby) ) $orderby = "ORDER BY $orderby"; + $order = strtoupper( $order ); + if ( '' !== $order && ! in_array( $order, array( 'ASC', 'DESC' ) ) ) + $order = 'ASC'; + $taxonomies = "'" . implode("', '", $taxonomies) . "'"; $object_ids = implode(', ', $object_ids); |