golem
/
twentyGOLEM
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

In WP_Themes_List_Table, don't perform unnecessary sanitization on search terms or filter features. We only use these for case-insensitive comparison. see #19815. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@20048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2012-02-29 22:19:18 +00:00
parent 814d899e88
commit b1621b75bb
1 changed files with 26 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
wp-admin/includes/class-wp-themes-list-table.php
View File

@ -9,9 +9,9 @@
*/
class WP_Themes_List_Table extends WP_List_Table {
var $search = array();
protected $search_terms = array();
var $features = array();
function __construct() {
parent::__construct( array(
'ajax' => true,
@ -26,20 +26,15 @@ class WP_Themes_List_Table extends WP_List_Table {
function prepare_items() {
$themes = wp_get_themes( array( 'allowed' => true ) );
if ( ! empty( $_REQUEST['s'] ) ) {
$search = strtolower( stripslashes( $_REQUEST['s'] ) );
$this->search = array_merge( $this->search, array_filter( array_map( 'trim', explode( ',', $search ) ) ) );
$this->search = array_unique( $this->search );
}
if ( ! empty( $_REQUEST['s'] ) )
$this->search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', strtolower( stripslashes( $_REQUEST['s'] ) ) ) ) ) );
if ( !empty( $_REQUEST['features'] ) ) {
if ( ! empty( $_REQUEST['features'] ) ) {
var_dump( $_REQUEST['features'] );
$this->features = $_REQUEST['features'];
$this->features = array_map( 'trim', $this->features );
$this->features = array_map( 'sanitize_title_with_dashes', $this->features );
$this->features = array_unique( $this->features );
}
if ( $this->search || $this->features ) {
if ( $this->search_terms || $this->features ) {
foreach ( $themes as $key => $theme ) {
if ( ! $this->search_theme( $theme ) )
unset( $themes[ $key ] );
@ -63,7 +58,7 @@ class WP_Themes_List_Table extends WP_List_Table {
}
function no_items() {
if ( $this->search || $this->features ) {
if ( $this->search_terms || $this->features ) {
_e( 'No items found.' );
return;
}
@ -186,33 +181,29 @@ class WP_Themes_List_Table extends WP_List_Table {
function search_theme( $theme ) {
// Search the features
if ( $this->features ) {
foreach ( $this->features as $word ) {
if ( ! in_array( $word, $theme->get('Tags') ) )
return false;
}
foreach ( $this->features as $word ) {
if ( ! in_array( $word, $theme->get('Tags') ) )
return false;
}
// Match all phrases
if ( $this->search ) {
foreach ( $this->search as $word ) {
if ( in_array( $word, $theme->get('Tags') ) )
continue;
foreach ( $this->search_terms as $word ) {
if ( in_array( $word, $theme->get('Tags') ) )
continue;
foreach ( array( 'Name', 'Description', 'Author', 'AuthorURI' ) as $header ) {
// Don't mark up; Do translate.
if ( false !== stripos( $theme->display( $header, false, true ), $word ) )
continue 2;
}
if ( false !== stripos( $theme->get_stylesheet(), $word ) )
continue;
if ( false !== stripos( $theme->get_template(), $word ) )
continue;
return false;
foreach ( array( 'Name', 'Description', 'Author', 'AuthorURI' ) as $header ) {
// Don't mark up; Do translate.
if ( false !== stripos( $theme->display( $header, false, true ), $word ) )
continue 2;
}
if ( false !== stripos( $theme->get_stylesheet(), $word ) )
continue;
if ( false !== stripos( $theme->get_template(), $word ) )
continue;
return false;
}
return true;