WordPress 4.6.3

[autoinstalls/wordpress.git] / wp-includes / query.php

diff --git a/wp-includes/query.php b/wp-includes/query.php
index c5c1ae657ec0db81b56b099a24e78d3a8b9fe23a..053bd4cac3c7900ae6b13c357ae78cdf4c5fca8c 100644 (file)
--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@@ -3069,14 +3069,15 @@ class WP_Query {
 
                if ( 'any' == $post_type ) {
                        $in_search_post_types = get_post_types( array('exclude_from_search' => false) );
-                       if ( empty( $in_search_post_types ) )
+                       if ( empty( $in_search_post_types ) ) {
                                $where .= ' AND 1=0 ';
-                       else
-                               $where .= " AND $wpdb->posts.post_type IN ('" . join("', '", $in_search_post_types ) . "')";
+                       } else {
+                               $where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')";
+                       }
                } elseif ( !empty( $post_type ) && is_array( $post_type ) ) {
-                       $where .= " AND $wpdb->posts.post_type IN ('" . join("', '", $post_type) . "')";
+                       $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", esc_sql( $post_type ) ) . "')";
                } elseif ( ! empty( $post_type ) ) {
-                       $where .= " AND $wpdb->posts.post_type = '$post_type'";
+                       $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type );
                        $post_type_object = get_post_type_object ( $post_type );
                } elseif ( $this->is_attachment ) {
                        $where .= " AND $wpdb->posts.post_type = 'attachment'";