Ticket #19861: 19861.4.patch
File 19861.4.patch, 921 bytes (added by , 12 years ago) |
---|
-
wp-includes/wp-db.php
850 850 * @return void 851 851 */ 852 852 function escape_by_ref( &$string ) { 853 $string = $this->_real_escape( $string ); 853 if ( ! is_float( $string ) ) 854 $string = $this->_real_escape( $string ); 854 855 } 855 856 856 857 /** … … 901 902 $args = $args[0]; 902 903 $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it 903 904 $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting 905 $query = str_replace( '%f' , '%F', $query ); // Force floats to be locale unaware 904 906 $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s 905 907 array_walk( $args, array( &$this, 'escape_by_ref' ) ); 906 908 return @vsprintf( $query, $args );