
Ticket #15764: 15764.diff

File 15764.diff, 5.2 KB (added by ryan, 7 years ago)
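--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -1237,7 +1237,7 @@
         }
 
         if ( !empty($name__like) )
-                $where .= " AND t.name LIKE '{$name__like}%'";
+                $where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
 
         if ( '' !== $parent ) {
                 $parent = (int) $parent;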
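Review bot: The new taxonomy.php line escapes only the LIKE wildcards in `$name__like` before interpolating it into `$where`; `like_escape()` leaves quotes and backslashes alone, so unless the value was already passed through `esc_sql()` higher up in the function (outside this hunk) the line should follow the comment.php and query.php hunks of this same patch: `$where .= " AND t.name LIKE '" . esc_sql( like_escape( $name__like ) ) . "%'";`. If an earlier escape does exist, a short comment here would keep the next reader from re-checking: `// $name__like is esc_sql()'d above; only the LIKE wildcards need escaping here`. The enclosing function starts and ends outside the hunk, so which of the two applies cannot be confirmed from this page.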
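--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -345,7 +345,7 @@
          * @return string
          */
         function get_search_sql( $string, $cols ) {
-                $string = esc_sql( $string );
+                $string = esc_sql( like_escape( $string ) );
 
                 $searches = array();
                 foreach ( $cols as $col )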
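Review bot: The nesting on the new line 348 is load-bearing and nothing records it: `like_escape()` runs first so that `esc_sql()` then treats the inserted backslashes as part of the literal, the same order the `prepare()` call sites in the functions.php and canonical.php hunks use (wildcards escaped by the caller, the string escaped afterwards). A one-line comment above it would protect that order from a well-meant cleanup: `// like_escape() first, then esc_sql(): wildcards, then quotes/backslashes for the literal.`. The docblock above (only its `@return string` tail is visible) could also state that `$string` is taken raw and that both SQL and LIKE metacharacters are neutralised inside get_search_sql(), so callers do not double-escape; the rest of the method is outside the hunk.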
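--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1206,7 +1206,7 @@
 
         foreach ( $pung as $link_test ) {
                 if ( !in_array( $link_test, $post_links_temp[0] ) ) { // link no longer in post
-                        $mid = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $link_test . '%') );
+                        $mid = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $link_test ) . '%') );
                         do_action( 'delete_postmeta', $mid );
                         $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_id IN(%s)", implode( ',', $mid ) ) );
                         do_action( 'deleted_postmeta', $mid );
@@ -1226,7 +1226,7 @@
         }
 
         foreach ( (array) $post_links as $url ) {
-                if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $url . '%' ) ) ) {
+                if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $url ) . '%' ) ) ) {
 
                         if ( $headers = wp_get_http_headers( $url) ) {
                                 $len = (int) $headers['content-length'];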
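Review bot: In the first functions.php hunk, the DELETE that follows the new line 1209 still binds the whole id list to a single `%s`, so `prepare()` quotes it as one string and MySQL evaluates `meta_id IN('12,34')` against the leading number only; any additional enclosure row selected by the now-correct LIKE is left behind, and an empty `$mid` produces `IN('')`. Since `$mid` is the `meta_id` column from `get_col()`, the ids can be cast and interpolated without `prepare()`: `$mid = array_map( 'intval', $mid );` followed by `$wpdb->query( "DELETE FROM $wpdb->postmeta WHERE meta_id IN(" . implode( ',', $mid ) . ")" );`, guarded by a check that `$mid` is non-empty. Whether more than one row can match per link depends on how enclosures are stored, which is outside the hunk; the enclosing function starts and ends outside both hunks.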
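--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -3367,7 +3367,7 @@
                         } elseif ( is_string($urltest['fragment']) ) {
                                 // ...or a string #title, a little more complicated
                                 $title = preg_replace('/[^a-z0-9]/i', '.', $urltest['fragment']);
-                                $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title);
+                                $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", like_escape( $title ) );
                                 if (! ($post_ID = $wpdb->get_var($sql)) ) {
                                         // returning unknown error '0' is better than die()ing
                                         return new IXR_Error(0, '');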
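Review bot: `like_escape()` on the new line 3370 has no effect: the query uses `RLIKE`, a regular-expression match in which `%` and `_` carry no special meaning, and the `preg_replace()` on line 3369 has already reduced `$title` to `[a-z0-9.]`, so there is nothing left for it to escape. The wildcard that does matter is the `.` line 3369 substitutes for every other character, which looks intentional given the "a little more complicated" comment, and `RLIKE` is an unanchored substring match. Either drop the call or replace it with a comment stating the invariant, e.g. `// $title is already [a-z0-9.]: no LIKE or regex metacharacters left to escape`; if an exact-title lookup is what this branch intends, anchoring the pattern (`'^' . $title . '$'`) would narrow it, but that is a behaviour change to decide separately.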
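--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@@ -2045,11 +2045,11 @@
                         $n = !empty($q['exact']) ? '' : '%';
                         $searchand = '';
                         foreach( (array) $q['search_terms'] as $term ) {
-                                $term = addslashes_gpc($term);
+                                $term = esc_sql( like_escape( $term ) );
                                 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))";
                                 $searchand = ' AND ';
                         }
-                        $term = esc_sql($q['s']);
+                        $term = esc_sql( like_escape( $q['s'] ) );
                         if ( empty($q['sentence']) && count($q['search_terms']) > 1 && $q['search_terms'][0] != $q['s'] )
                                 $search .= " OR ($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}')";
 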
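Review bot: The LIKE-clause escaping on the new lines 2048 and 2052 is applied by hand at each interpolation site, and the same lines recur almost verbatim in the admin-ajax.php hunk (1249 and 1253), so the two copies can drift apart the next time one of them is edited. comment.php already has `get_search_sql()` doing this job for comments; a small shared helper that takes the terms and returns the `post_title`/`post_content` clause would give both callers a single escaping path. Until then, a comment at each site explaining the nesting keeps a cleanup from reversing it, e.g. `// LIKE wildcards first, then quotes/backslashes for the string literal`. The enclosing block starts outside the hunk.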
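--- a/wp-includes/canonical.php
+++ b/wp-includes/canonical.php
@@ -385,7 +385,7 @@
         if ( !get_query_var('name') )
                 return false;
 
-        $where = $wpdb->prepare("post_name LIKE %s", get_query_var('name') . '%');
+        $where = $wpdb->prepare("post_name LIKE %s", like_escape( get_query_var('name') ) . '%');
 
         // if any of post_type, year, monthnum, or day are set, use them to refine the query
         if ( get_query_var('post_type') )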
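--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -1246,11 +1246,11 @@
 
         $searchand = $search = '';
         foreach ( (array) $search_terms as $term ) {
-                $term = addslashes_gpc($term);
+                $term = esc_sql( like_escape( $term ) );
                 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%'))";
                 $searchand = ' AND ';
         }
-        $term = $wpdb->escape($s);
+        $term = esc_sql( like_escape( $s ) );
         if ( count($search_terms) > 1 && $search_terms[0] != $s )
                 $search .= " OR ($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%')";
 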