Potential Security Issue in Custom Taxonomy Search Functionality
I’m wishing to add some functionality to a client WordPress site that allows you to include taxonomy terms from custom post types in the WordPress search, and came across the following answer:
Include custom taxonomy term in search
This solution does work, but in the comments a user has mentioned that it’s “probably not a good idea to inject the raw publicly available search string directly into an SQL query.” and added a link for further reading. I can’t see anything in this link that relates to the specifics of the answer though.
For quick reference the code for the answer is below. Would this code be a security risk? And if so, what would the solution be so you can still have the functionality of being able to include taxonomy terms in the WP search without the security risk?
Many thanks
// search all taxonomies, based on: http://projects.jesseheap.com/all-projects/wordpress-plugin-tag-search-in-wordpress-23
function atom_search_where($where){
    global $wpdb;
    // the search string returned by get_search_query() is concatenated straight into the SQL
    if (is_search())
        $where .= "OR (t.name LIKE '%".get_search_query()."%' AND {$wpdb->posts}.post_status = 'publish')";
    return $where;
}

function atom_search_join($join){
    global $wpdb;
    // join posts -> term_relationships -> term_taxonomy -> terms so t.name is available in WHERE
    if (is_search())
        $join .= "LEFT JOIN {$wpdb->term_relationships} tr ON {$wpdb->posts}.ID = tr.object_id INNER JOIN {$wpdb->term_taxonomy} tt ON tt.term_taxonomy_id=tr.term_taxonomy_id INNER JOIN {$wpdb->terms} t ON t.term_id = tt.term_id";
    return $join;
}

function atom_search_groupby($groupby){
    global $wpdb;
    // we need to group on post ID, otherwise a post with several matching terms is returned several times
    $groupby_id = "{$wpdb->posts}.ID";
    if(!is_search() || strpos($groupby, $groupby_id) !== false) return $groupby;
    // groupby was empty, use ours
    if(!strlen(trim($groupby))) return $groupby_id;
    // wasn't empty, append ours
    return $groupby.", ".$groupby_id;
}

add_filter('posts_where','atom_search_where');
add_filter('posts_join', 'atom_search_join');
add_filter('posts_groupby', 'atom_search_groupby');
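For reference, below is a version of the same three filters that binds the search string through $wpdb->prepare() instead of concatenating it into the SQL. This is an added example, not code from the question or from the linked answer. It uses only WordPress core APIs ($wpdb->prepare(), $wpdb->esc_like(), which exists since WordPress 4.0, get_query_var() and the $query object that posts_where, posts_join and posts_groupby pass as their second argument). The function names with the _safe suffix are made up for this example. The join and group-by SQL contain no user input, so they are unchanged apart from being limited to the main front-end search query.

```php
<?php
// Added example: taxonomy-term search with the search string passed through
// $wpdb->prepare() rather than concatenated into the WHERE clause.
// Function names (*_safe) are hypothetical; the WordPress APIs used are real.

function atom_search_where_safe( $where, $query ) {
    global $wpdb;

    // Only touch the main front-end search query, not every WP_Query.
    if ( is_admin() || ! $query->is_main_query() || ! $query->is_search() ) {
        return $where;
    }

    // Read the raw query var. get_search_query() returns an esc_attr()'d
    // (HTML-escaped) string, which is the wrong escaping for SQL.
    $term = get_query_var( 's' );
    if ( '' === $term ) {
        return $where;
    }

    // esc_like() escapes % and _ so the user cannot inject LIKE wildcards;
    // the surrounding % are ours. prepare() then quotes/escapes the value
    // for the SQL string literal, so a quote in the search term cannot
    // break out of it.
    $like = '%' . $wpdb->esc_like( $term ) . '%';

    $where .= $wpdb->prepare(
        " OR (t.name LIKE %s AND {$wpdb->posts}.post_status = 'publish')",
        $like
    );

    return $where;
}

function atom_search_join_safe( $join, $query ) {
    global $wpdb;

    if ( is_admin() || ! $query->is_main_query() || ! $query->is_search() ) {
        return $join;
    }

    // No user input here: table names come from $wpdb, aliases are fixed.
    $join .= " LEFT JOIN {$wpdb->term_relationships} tr ON {$wpdb->posts}.ID = tr.object_id"
           . " INNER JOIN {$wpdb->term_taxonomy} tt ON tt.term_taxonomy_id = tr.term_taxonomy_id"
           . " INNER JOIN {$wpdb->terms} t ON t.term_id = tt.term_id";

    return $join;
}

function atom_search_groupby_safe( $groupby, $query ) {
    global $wpdb;

    if ( is_admin() || ! $query->is_main_query() || ! $query->is_search() ) {
        return $groupby;
    }

    // Group on post ID so a post matching several terms appears once.
    $groupby_id = "{$wpdb->posts}.ID";
    if ( false !== strpos( $groupby, $groupby_id ) ) {
        return $groupby;
    }
    if ( '' === trim( $groupby ) ) {
        return $groupby_id;
    }
    return $groupby . ', ' . $groupby_id;
}

// Priority 10, two accepted arguments so the WP_Query object is passed in.
add_filter( 'posts_where',   'atom_search_where_safe',   10, 2 );
add_filter( 'posts_join',    'atom_search_join_safe',    10, 2 );
add_filter( 'posts_groupby', 'atom_search_groupby_safe', 10, 2 );
```

Two things to check when dropping this into a theme or plugin: the filters only run when $query->is_main_query() is true, so secondary WP_Query searches on the same page are left alone (remove that condition if you want them covered too), and the appended OR still has the same meaning as in the original snippet, namely that a published post whose term name matches is returned regardless of the other conditions WordPress put in the WHERE clause, so the change here is only that the search string can no longer alter the SQL.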