Ticket #10041: 10041.3.diff
File 10041.3.diff, 1.2 KB (added by , 15 years ago) |
---|
-
wp-includes/taxonomy.php
866 866 } 867 867 868 868 if ( !empty($search) ) { 869 $search = like_escape( $search);869 $search = like_escape(stripslashes($search)); 870 870 $where .= " AND (t.name LIKE '%$search%')"; 871 871 } 872 872 -
wp-includes/bookmark.php
181 181 } 182 182 183 183 if ( ! empty($search) ) { 184 $search = like_escape( $search);184 $search = like_escape(stripslashes($search)); 185 185 $search = " AND ( (link_url LIKE '%$search%') OR (link_name LIKE '%$search%') OR (link_description LIKE '%$search%') ) "; 186 186 } 187 187 -
wp-includes/formatting.php
2329 2329 * @return string text, safe for inclusion in LIKE query. 2330 2330 */ 2331 2331 function like_escape($text) { 2332 return str_replace(array("%", "_"), array("\\%", "\\_"), $text);2332 return esc_sql(addcslashes($text, '_%\\')); 2333 2333 } 2334 2334 2335 2335 /**