Merge pull request #2435 from rebeccahum/fix/orderby_sanitization

Remove duplicate orderby for users query
10up · Nov 5, 2021 · 16c56cb · 16c56cb
2 parents 4a2547e + 060e3be
commit 16c56cb
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/includes/classes/Indexable/User/User.php b/includes/classes/Indexable/User/User.php
@@ -728,11 +728,15 @@ public function query_db( $args ) {
 			$args['order'] = 'desc';
 		}
 
+		$orderby_args = sanitize_sql_orderby( "{$args['orderby']} {$args['order']}" );
+		$orderby      = $orderby_args ? sprintf( 'ORDER BY %s', $orderby_args ) : '';
+
 		/**
 		 * WP_User_Query doesn't let us get users across all blogs easily. This is the best
 		 * way to do that.
 		 */
-		$objects = $wpdb->get_results( $wpdb->prepare( "SELECT SQL_CALC_FOUND_ROWS ID FROM {$wpdb->users} ORDER BY %s %s LIMIT %d, %d", $args['orderby'], $args['orderby'], (int) $args['offset'], (int) $args['number'] ) );
+		// phpcs:disable WordPress.DB.PreparedSQL.InterpolatedNotPrepared  
+		$objects = $wpdb->get_results( $wpdb->prepare( "SELECT SQL_CALC_FOUND_ROWS ID FROM {$wpdb->users} {$orderby} LIMIT %d, %d", (int) $args['offset'], (int) $args['number'] ) );
 
 		return [
 			'objects'       => $objects,