WordPress.org

Make WordPress Core

Ticket #19861: 19861.4.patch

File 19861.4.patch, 921 bytes (added by SergeyBiryukov, 8 years ago)
  • wp-includes/wp-db.php

     
    850850         * @return void
    851851         */
    852852        function escape_by_ref( &$string ) {
    853                 $string = $this->_real_escape( $string );
     853                if ( ! is_float( $string ) )
     854                        $string = $this->_real_escape( $string );
    854855        }
    855856
    856857        /**
     
    901902                        $args = $args[0];
    902903                $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
    903904                $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
     905                $query = str_replace( '%f' , '%F', $query ); // Force floats to be locale unaware               
    904906                $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
    905907                array_walk( $args, array( &$this, 'escape_by_ref' ) );
    906908                return @vsprintf( $query, $args );