Ticket #19861: 19861.3.patch
File 19861.3.patch, 1.8 KB (added by , 12 years ago) |
---|
-
wp-includes/wp-db.php
850 850 * @return void 851 851 */ 852 852 function escape_by_ref( &$string ) { 853 $string = $this->_real_escape( $string ); 853 if ( !is_float( $string ) ) 854 $string = $this->_real_escape( $string ); 854 855 } 855 856 856 857 /** … … 901 902 $args = $args[0]; 902 903 $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it 903 904 $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting 905 $query = str_replace( '%f' , '%F', $query ); // Force floats to be locale unaware 904 906 $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s 905 907 array_walk( $args, array( &$this, 'escape_by_ref' ) ); 906 908 return @vsprintf( $query, $args ); … … 1214 1216 $form = $this->field_types[$field]; 1215 1217 else 1216 1218 $form = '%s'; 1219 1220 if ( in_array( $form, array( '%f', '%F' ) ) ) 1221 $data[ $field ] = str_replace( ',', '.', $data[ $field ] ); 1222 1217 1223 $formatted_fields[] = $form; 1218 1224 } 1219 1225 $sql = "{$type} INTO `$table` (`" . implode( '`,`', $fields ) . "`) VALUES (" . implode( ",", $formatted_fields ) . ")"; … … 1254 1260 $form = $this->field_types[$field]; 1255 1261 else 1256 1262 $form = '%s'; 1263 1264 if ( in_array( $form, array( '%f', '%F' ) ) ) 1265 $data[ $field ] = str_replace( ',', '.', $data[ $field ] ); 1266 1257 1267 $bits[] = "`$field` = {$form}"; 1258 1268 } 1259 1269 … … 1265 1275 $form = $this->field_types[$field]; 1266 1276 else 1267 1277 $form = '%s'; 1278 1279 if ( in_array( $form, array( '%f', '%F' ) ) ) 1280 $where[ $field ] = str_replace( ',', '.', $where[ $field ] ); 1281 1268 1282 $wheres[] = "`$field` = {$form}"; 1269 1283 } 1270 1284