Wordpress 3.1.4

[autoinstalls/wordpress.git] / wp-includes / taxonomy.php

diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php
index 33d4329debf83e2d75ab71e0370b40010320b7a8..9e9d24aeea6065ef76268702321bc9f8d7caad23 100644 (file)
--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -1194,6 +1194,8 @@ function &get_terms($taxonomies, $args = '') {
                $orderby = '';
        elseif ( empty($_orderby) || 'id' == $_orderby )
                $orderby = 't.term_id';
+       else
+               $orderby = 't.name';
 
        $orderby = apply_filters( 'get_terms_orderby', $orderby, $args );
 
@@ -1202,6 +1204,10 @@ function &get_terms($taxonomies, $args = '') {
        else
                $order = '';
 
+       $order = strtoupper( $order );
+       if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+               $order = 'ASC';
+
        $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";
        $inclusions = '';
        if ( !empty($include) ) {
@@ -1255,8 +1261,10 @@ function &get_terms($taxonomies, $args = '') {
                $where .= " AND t.slug = '$slug'";
        }
 
-       if ( !empty($name__like) )
-               $where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
+       if ( !empty($name__like) ) {
+               $name__like = like_escape( $name__like );
+               $where .= $wpdb->prepare( " AND t.name LIKE %s", $name__like . '%' );
+       }
 
        if ( '' !== $parent ) {
                $parent = (int) $parent;
@@ -1278,7 +1286,7 @@ function &get_terms($taxonomies, $args = '') {
 
        if ( !empty($search) ) {
                $search = like_escape($search);
-               $where .= " AND (t.name LIKE '%$search%')";
+               $where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . $search . '%');
        }
 
        $selects = array();