Don't pass cat as ref. Fix some term sanitization. fixes #4702

git-svn-id: http://svn.automattic.com/wordpress/trunk@5938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2007-08-24 18:41:01 +00:00
parent ccdf20ef62
commit 51b6d6f6ea
3 changed files with 6 additions and 13 deletions

View File

@ -12,11 +12,7 @@ function category_exists($cat_name) {
} }
function get_category_to_edit( $id ) { function get_category_to_edit( $id ) {
$category = get_category( $id ); $category = get_category( $id, OBJECT, 'edit' );
$category->term_id = (int) $category->term_id;
$category->parent = (int) $category->parent;
return $category; return $category;
} }
@ -90,7 +86,7 @@ function wp_insert_category($catarr) {
$description = apply_filters('pre_category_description', $description); $description = apply_filters('pre_category_description', $description);
$parent = (int) $parent; $parent = (int) $parent;
if ( empty($parent) || !get_category( $parent ) || ($cat_ID && cat_is_ancestor_of($cat_ID, $parent) ) ) if ( empty($parent) || !category_exists( $parent ) || ($cat_ID && cat_is_ancestor_of($cat_ID, $parent) ) )
$parent = 0; $parent = 0;
$args = compact('name', 'slug', 'parent', 'description'); $args = compact('name', 'slug', 'parent', 'description');

View File

@ -28,8 +28,8 @@ function &get_categories($args = '') {
// Retrieves category data given a category ID or category object. // Retrieves category data given a category ID or category object.
// Handles category caching. // Handles category caching.
function &get_category(&$category, $output = OBJECT) { function &get_category($category, $output = OBJECT, $filter = 'raw') {
$category = get_term($category, 'category', $output); $category = get_term($category, 'category', $output, $filter);
_make_cat_compat($category); _make_cat_compat($category);

View File

@ -229,7 +229,7 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) {
* This won't appear but just a note to say that this is all conjecture and parts or whole * This won't appear but just a note to say that this is all conjecture and parts or whole
* might be inaccurate or wrong. * might be inaccurate or wrong.
*/ */
function &get_term(&$term, $taxonomy, $output = OBJECT, $filter = 'raw') { function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') {
global $wpdb; global $wpdb;
if ( empty($term) ) if ( empty($term) )
@ -884,8 +884,6 @@ function wp_update_term( $term, $taxonomy, $args = array() ) {
// First, get all of the original args // First, get all of the original args
$term = get_term ($term_id, $taxonomy, ARRAY_A); $term = get_term ($term_id, $taxonomy, ARRAY_A);
$term = sanitize_term($term, $taxonomy, 'db');
// Escape data pulled from DB. // Escape data pulled from DB.
$term = add_magic_quotes($term); $term = add_magic_quotes($term);
@ -894,12 +892,11 @@ function wp_update_term( $term, $taxonomy, $args = array() ) {
$defaults = array( 'alias_of' => '', 'description' => '', 'parent' => 0, 'slug' => ''); $defaults = array( 'alias_of' => '', 'description' => '', 'parent' => 0, 'slug' => '');
$args = wp_parse_args($args, $defaults); $args = wp_parse_args($args, $defaults);
$args = sanitize_term($args, $taxonomy, 'db');
extract($args, EXTR_SKIP); extract($args, EXTR_SKIP);
if ( empty($slug) ) if ( empty($slug) )
$slug = sanitize_title($name); $slug = sanitize_title($name);
else
$slug = sanitize_title($slug);
if ( $alias_of ) { if ( $alias_of ) {
$alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'"); $alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'");