

Ticket #15764: 15764.diff

File 15764.diff, 5.2 KB (added by ryan, 5 years ago)
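--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -1237,7 +1237,7 @@
         }
 
         if ( !empty($name__like) )
-                $where .= " AND t.name LIKE '{$name__like}%'";
+                $where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
 
         if ( '' !== $parent ) {
                 $parent = (int) $parent;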
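Review bot: The new line 1240 escapes the LIKE wildcards in `$name__like` but still splices it into `$where` as a raw string; unless get_terms() has already run the value through esc_sql() above this hunk (the function begins outside it), quote characters in it reach the query unescaped. The comment.php and query.php hunks of this same patch wrap like_escape() in esc_sql(), and the canonical.php hunk uses prepare(), so this line is the odd one out; the prepare() form is the simplest fix: `$where .= $wpdb->prepare( " AND t.name LIKE %s", like_escape( $name__like ) . '%' );`. `$wpdb` is not visible in this hunk, so confirm it is in scope here as it is in the other files.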
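--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -345,7 +345,7 @@
          * @return string
          */
         function get_search_sql( $string, $cols ) {
-                $string = esc_sql( $string );
+                $string = esc_sql( like_escape( $string ) );
 
                 $searches = array();
                 foreach ( $cols as $col )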
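Review bot: get_search_sql() now treats `$string` as a raw, unescaped search term (like_escape() then esc_sql() on line 348), so a caller that has already escaped its input will double-escape it; the docblock above the hunk, of which only `@return string` is visible, should state that contract. Suggested `@param string $string Raw search term; LIKE wildcards and SQL quoting are escaped here, so callers must pass it unescaped.` A one-line comment on 348 is also worth adding, since the call order is load-bearing: like_escape() inserts a backslash before `%` and `_`, and esc_sql() must then escape that backslash for the string literal, so the two cannot be swapped. The function body continues outside the hunk.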
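--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1206,7 +1206,7 @@
 
         foreach ( $pung as $link_test ) {
                 if ( !in_array( $link_test, $post_links_temp[0] ) ) { // link no longer in post
-                        $mid = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $link_test . '%') );
+                        $mid = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $link_test ) . '%') );
                         do_action( 'delete_postmeta', $mid );
                         $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_id IN(%s)", implode( ',', $mid ) ) );
                         do_action( 'deleted_postmeta', $mid );
@@ -1226,7 +1226,7 @@
         }
 
         foreach ( (array) $post_links as $url ) {
-                if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $url . '%' ) ) ) {
+                if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $url ) . '%' ) ) ) {
 
                         if ( $headers = wp_get_http_headers( $url) ) {
                                 $len = (int) $headers['content-length'];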
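Review bot: The DELETE on context line 1211 of the first hunk passes the comma-joined `$mid` list through prepare()'s `%s`, which quotes it as one string literal, so `meta_id IN('12,15')` is not a list match but a comparison of the column against a single string value; the commit fixes the SELECT on line 1209 just above it and leaves this as is. Since `$mid` comes from get_col() over the integer meta_id column, casting each element and building the list directly is the safe form: `$wpdb->query( "DELETE FROM $wpdb->postmeta WHERE meta_id IN(" . implode( ',', array_map( 'intval', $mid ) ) . ")" );`, guarded by `if ( $mid )` so an empty result does not emit `IN()`. The enclosing function starts and ends outside both hunks.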
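--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -3367,7 +3367,7 @@
                         } elseif ( is_string($urltest['fragment']) ) {
                                 // ...or a string #title, a little more complicated
                                 $title = preg_replace('/[^a-z0-9]/i', '.', $urltest['fragment']);
-                                $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title);
+                                $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", like_escape( $title ) );
                                 if (! ($post_ID = $wpdb->get_var($sql)) ) {
                                         // returning unknown error '0' is better than die()ing
                                         return new IXR_Error(0, '');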
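Review bot: like_escape() on new line 3370 is a no-op here and the wrong escaper for the operator: line 3369 has already replaced every non-alphanumeric character in `$title` with `.`, so no `%` or `_` is left to escape, and RLIKE takes a regular expression, in which `%` and `_` are not special anyway while the `.` wildcards stay in effect. Leaving the call in suggests the value has been made regex-safe when it has not; either restore `$sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title);` or add a comment on 3369 that the `.` substitutions are an intentional any-character match for the title lookup. The enclosing method continues outside the hunk.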
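--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@@ -2045,11 +2045,11 @@
                         $n = !empty($q['exact']) ? '' : '%';
                         $searchand = '';
                         foreach( (array) $q['search_terms'] as $term ) {
-                                $term = addslashes_gpc($term);
+                                $term = esc_sql( like_escape( $term ) );
                                 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))";
                                 $searchand = ' AND ';
                         }
-                        $term = esc_sql($q['s']);
+                        $term = esc_sql( like_escape( $q['s'] ) );
                         if ( empty($q['sentence']) && count($q['search_terms']) > 1 && $q['search_terms'][0] != $q['s'] )
                                 $search .= " OR ($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}')";
 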
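Review bot: New lines 2048 and 2052 escape `$term` by hand and then interpolate it into the LIKE literals on 2049 and 2054, while the canonical.php and functions.php hunks of the same patch pass the escaped value through `$wpdb->prepare()` with `%s`; the admin-ajax.php hunk (lines 1249 to 1255) has the same hand-built form as this one. Using prepare() here too keeps the SQL quoting in one place and leaves like_escape() as the only manual step, e.g. for the loop body `$term = like_escape( $term );` followed by `$search .= $wpdb->prepare( "{$searchand}(($wpdb->posts.post_title LIKE %s) OR ($wpdb->posts.post_content LIKE %s))", $n . $term . $n, $n . $term . $n );`, with the same shape for the `$q['s']` case on 2052 to 2054. The surrounding block starts and ends outside the hunk.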
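--- a/wp-includes/canonical.php
+++ b/wp-includes/canonical.php
@@ -385,7 +385,7 @@
         if ( !get_query_var('name') )
                 return false;
 
-        $where = $wpdb->prepare("post_name LIKE %s", get_query_var('name') . '%');
+        $where = $wpdb->prepare("post_name LIKE %s", like_escape( get_query_var('name') ) . '%');
 
         // if any of post_type, year, monthnum, or day are set, use them to refine the query
         if ( get_query_var('post_type') )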
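Review bot: New line 388 builds a prefix match (the requested name plus `%`) and escapes the wildcards in the request-supplied slug, but nothing says why, which makes the like_escape() call an easy target for removal as redundant later. A short comment would pin it down: `// Prefix match on the requested slug; escape LIKE wildcards so '_' in the name matches literally rather than any single character.` The enclosing function continues outside the hunk.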
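--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -1246,11 +1246,11 @@
 
         $searchand = $search = '';
         foreach ( (array) $search_terms as $term ) {
-                $term = addslashes_gpc($term);
+                $term = esc_sql( like_escape( $term ) );
                 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%'))";
                 $searchand = ' AND ';
         }
-        $term = $wpdb->escape($s);
+        $term = esc_sql( like_escape( $s ) );
         if ( count($search_terms) > 1 && $search_terms[0] != $s )
                 $search .= " OR ($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%')";
 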