Ticket #41983: 41983.patch

src/wp-admin/includes/class-wp-importer.php

@@ -29 +29 @@
                 // Grab all posts in chunks
                 do {
                         $meta_key = $importer_name . '_' . $bid . '_permalink';
-                        $sql = $wpdb->prepare( "SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = '%s' LIMIT %d,%d", $meta_key, $offset, $limit );
+                        $sql = $wpdb->prepare( "SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = %s LIMIT %d,%d", $meta_key, $offset, $limit );
                         $results = $wpdb->get_results( $sql );
 
                         // Increment offset

src/wp-admin/includes/nav-menu.php

@@ -996 +996 @@
         $delete_timestamp = time() - ( DAY_IN_SECONDS * EMPTY_TRASH_DAYS );
 
         // Delete orphaned draft menu items.
-        $menu_items_to_delete = $wpdb->get_col($wpdb->prepare("SELECT ID FROM $wpdb->posts AS p LEFT JOIN $wpdb->postmeta AS m ON p.ID = m.post_id WHERE post_type = 'nav_menu_item' AND post_status = 'draft' AND meta_key = '_menu_item_orphaned' AND meta_value < '%d'", $delete_timestamp ) );
+        $menu_items_to_delete = $wpdb->get_col($wpdb->prepare("SELECT ID FROM $wpdb->posts AS p LEFT JOIN $wpdb->postmeta AS m ON p.ID = m.post_id WHERE post_type = 'nav_menu_item' AND post_status = 'draft' AND meta_key = '_menu_item_orphaned' AND meta_value < %d", $delete_timestamp ) );
 
         foreach ( (array) $menu_items_to_delete as $menu_item_id )
                 wp_delete_post( $menu_item_id, true );

src/wp-includes/functions.php

@@ -4804 +4804 @@
 
         $delete_timestamp = time() - ( DAY_IN_SECONDS * EMPTY_TRASH_DAYS );
 
-        $posts_to_delete = $wpdb->get_results($wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < '%d'", $delete_timestamp), ARRAY_A);
+        $posts_to_delete = $wpdb->get_results($wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < %d", $delete_timestamp), ARRAY_A);
 
         foreach ( (array) $posts_to_delete as $post ) {
                 $post_id = (int) $post['post_id'];
@@ -4821 +4821 @@
                 }
         }
 
-        $comments_to_delete = $wpdb->get_results($wpdb->prepare("SELECT comment_id FROM $wpdb->commentmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < '%d'", $delete_timestamp), ARRAY_A);
+        $comments_to_delete = $wpdb->get_results($wpdb->prepare("SELECT comment_id FROM $wpdb->commentmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < %d", $delete_timestamp), ARRAY_A);
 
         foreach ( (array) $comments_to_delete as $comment ) {
                 $comment_id = (int) $comment['comment_id'];

src/wp-includes/taxonomy.php

@@ -3785 +3785 @@
                         INNER JOIN {$wpdb->postmeta} AS m2 ON ( m2.post_id = m1.post_id )
                         INNER JOIN {$wpdb->postmeta} AS m3 ON ( m3.post_id = m1.post_id )
                 WHERE ( m1.meta_key = '_menu_item_type' AND m1.meta_value = 'taxonomy' )
-                        AND ( m2.meta_key = '_menu_item_object' AND m2.meta_value = '%s' )
+                        AND ( m2.meta_key = '_menu_item_object' AND m2.meta_value = %s )
                         AND ( m3.meta_key = '_menu_item_object_id' AND m3.meta_value = %d )",
                 $taxonomy,
                 $term_id

src/wp-includes/wp-db.php

@@ -1267 +1267 @@
          *     $wild = '%';
          *     $find = 'only 43% of planets';
          *     $like = $wild . $wpdb->esc_like( $find ) . $wild;
-         *     $sql  = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE '%s'", $like );
+         *     $sql  = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like );
          *
          * Example Escape Chain:
          *