

Ticket #10041: 10041.4.diff

File 10041.4.diff, 2.2 KB (added by Denis-de-Bernardy, 4 years ago)
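--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -866,7 +866,7 @@
         }
 
         if ( !empty($search) ) {
-                $search = like_escape($search);
+                $search = esc_sql(like_escape(stripslashes($search)));
                 $where .= " AND (t.name LIKE '%$search%')";
         }
 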
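Review bot: The escaped term produced on the added line is still spliced into `$where` by string interpolation on the line below it; since the hunk now depends on `esc_sql()` anyway, `$wpdb->prepare()` with a `%s` placeholder would keep the quoting in one place: `$where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . like_escape( stripslashes( $search ) ) . '%' );`. The escape order in the chain is correct — wildcards first, then `esc_sql()` so the backslash that `like_escape()` inserts is itself escaped — so this is a point of style rather than a defect. Whether `$wpdb` is in scope at this point is not visible; the enclosing function starts and ends outside the hunk.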
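--- a/wp-includes/bookmark.php
+++ b/wp-includes/bookmark.php
@@ -181,7 +181,7 @@
         }
 
         if ( ! empty($search) ) {
-                $search = like_escape($search);
+                $search = esc_sql(like_escape(stripslashes($search)));
                 $search = " AND ( (link_url LIKE '%$search%') OR (link_name LIKE '%$search%') OR (link_description LIKE '%$search%') ) ";
         }
 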
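Review bot: The added `stripslashes()` assumes `$search` arrives slashed, and nothing in the hunk establishes that; if this is `get_bookmarks()` reading its term from the argument array, a plugin passing an unslashed term that contains a backslash would have that character silently removed before the LIKE escaping is applied. If the slashed convention is intended, it should be stated in the function's docblock, which is outside the hunk, e.g. `'search' — expected slashed, as taken from $_GET`; otherwise the unslashing belongs at the request boundary rather than inside the query builder. The `esc_sql(like_escape(...))` ordering itself is correct and is what the three LIKE clauses on the following line need. The enclosing function starts and ends outside the hunk.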
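--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -2325,11 +2325,11 @@
  *
  * @since 2.5.0
  *
- * @param string $text The text to be escaped.
- * @return string text, safe for inclusion in LIKE query.
+ * @param string $text The text to be escaped (expected unslashed).
+ * @return string text, NOT safe for inclusion in LIKE query (needs an additional esc_sql()).
  */
 function like_escape($text) {
-        return str_replace(array("%", "_"), array("\\%", "\\_"), $text);
+        return addcslashes($text, '_%\\');
 }
 
 /**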
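Review bot: Escaping the backslash in `like_escape()` changes what existing callers get back, and the contract being removed on the old `@return` line (`safe for inclusion in LIKE query`) is one that third-party code may still rely on: a caller that feeds a magic-quoted term straight into a query, as the other three hunks in this patch did before the change, now has `\'` turned into `\\'`, which MySQL reads as a literal backslash followed by the end of the string literal rather than as an escaped quote. I would leave the public `like_escape()` behaviour as it was and add the backslash-aware variant under a new name (for instance a method on `$wpdb` whose body is `return addcslashes( $text, '_%\\' );`), then point the call sites in this patch at it. The new `@return` line also reads oddly by describing what the result is not; `@return string Text with %, _ and \ escaped for a LIKE pattern; must still be passed through esc_sql() before use in a query.` says what the function does. The docblock this hunk edits begins outside the hunk.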
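--- a/wp-admin/ms-sites.php
+++ b/wp-admin/ms-sites.php
@@ -328,8 +328,9 @@
         default:
                 $apage = ( isset($_GET['apage'] ) && intval( $_GET['apage'] ) ) ? absint( $_GET['apage'] ) : 1;
                 $num = ( isset($_GET['num'] ) && intval( $_GET['num'] ) ) ? absint( $_GET['num'] ) : 15;
-                $s = isset($_GET['s']) ? esc_attr( trim( $_GET[ 's' ] ) ) : '';
-                $like_s = like_escape($s);
+                $s = isset($_GET['s']) ? stripslashes(trim( $_GET[ 's' ])) : '';
+                $like_s = esc_sql(like_escape($s));
+                $s = esc_attr($s);
 
                 $query = "SELECT * FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' ";
 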
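Review bot: The added `$s = esc_attr($s);` line overwrites the search term with its HTML-attribute-encoded form, so from here on the one name carries output-encoded data; any later use of `$s` that is not an attribute value, such as a URL built with `add_query_arg()` or plain text output, would receive `&amp;`-style entities, and those uses are outside the hunk. Keeping `$s` as the raw unslashed term and calling `esc_attr( $s )` at each attribute output site is the safer pattern, which amounts to dropping that added line and moving the call to where `$s` is echoed. The reordering itself is right — the old code built the LIKE pattern from an already attribute-escaped string — so this is about where the escaping happens, not whether it happens. `$like_s` is interpolated into `$query` past the end of the hunk, so its use could not be checked here.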