WP Merge with revision 8075

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1328 7be80a69-a1ef-0310-a953-fb0f7c49ff36

1 files changed, 9 insertions, 10 deletions

diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php
index 4418e99..e150d21 100644
--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -159,7 +159,7 @@ function register_taxonomy( $taxonomy, $object_type, $args = array() ) {
 	$args = wp_parse_args($args, $defaults);
 
 	if ( false !== $args['query_var'] && !empty($wp) ) {
-		if ( empty($args['query_var']) )
+		if ( true === $args['query_var'] )
 			$args['query_var'] = $taxonomy;
 		$args['query_var'] = sanitize_title_with_dashes($args['query_var']);
 		$wp->add_query_var($args['query_var']);
@@ -751,7 +751,7 @@ function is_term($term, $taxonomy = '') {
 	}
 
 	if ( !empty($taxonomy) )
-		return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A);
+		return $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = %s", $taxonomy), ARRAY_A);
 
 	return $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where");
 }
@@ -890,8 +890,7 @@ function wp_count_terms( $taxonomy, $args = array() ) {
 	if ( $ignore_empty )
 		$where = 'AND count > 0';
 
-	$taxonomy = $wpdb->escape( $taxonomy );
-	return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = '$taxonomy' $where");
+	return $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = %s $where", $taxonomy) );
 }
 
 /**
@@ -920,7 +919,7 @@ function wp_delete_object_term_relationships( $object_id, $taxonomies ) {
 	foreach ( $taxonomies as $taxonomy ) {
 		$terms = wp_get_object_terms($object_id, $taxonomy, 'fields=tt_ids');
 		$in_terms = "'" . implode("', '", $terms) . "'";
-		$wpdb->query("DELETE FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id IN ($in_terms)");
+		$wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id IN ($in_terms)", $object_id) );
 		wp_update_term_count($terms, $taxonomy);
 	}
 }
@@ -1297,7 +1296,7 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) {
 		$delete_terms = array_diff($old_terms, $tt_ids);
 		if ( $delete_terms ) {
 			$in_delete_terms = "'" . implode("', '", $delete_terms) . "'";
-			$wpdb->query("DELETE FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id IN ($in_delete_terms)");
+			$wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id IN ($in_delete_terms)", $object_id) );
 			wp_update_term_count($delete_terms, $taxonomy);
 		}
 	}
@@ -1306,10 +1305,10 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) {
 	if ( ! $append && isset($t->sort) && $t->sort ) {
 		$values = array();
 		$term_order = 0;
-		$final_term_ids = wp_get_object_terms($object_id, $taxonomy, 'fields=tt_ids');
-		foreach ( $term_ids as $term_id )
-			if ( in_array($term_id, $final_term_ids) )
-				$values[] = $wpdb->prepare( "(%d, %d, %d)", $object_id, $term_id, ++$term_order);
+		$final_tt_ids = wp_get_object_terms($object_id, $taxonomy, 'fields=tt_ids');
+		foreach ( $tt_ids as $tt_id )
+			if ( in_array($tt_id, $final_tt_ids) )
+				$values[] = $wpdb->prepare( "(%d, %d, %d)", $object_id, $tt_id, ++$term_order);
 		if ( $values )
 			$wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id, term_order) VALUES " . join(',', $values) . " ON DUPLICATE KEY UPDATE term_order = VALUES(term_order)");
 	}