WordPress.org

Make WordPress Core

Ticket #6644: prepared_queries13.diff

File prepared_queries13.diff, 1.3 KB (added by filosofo, 10 years ago)
  • wp-admin/edit.php

     
    205205
    206206if ( 1 == count($posts) && is_singular() ) :
    207207
    208         $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
     208        $comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved != 'spam' ORDER BY comment_date", $id) );
    209209        if ( $comments ) :
    210210                // Make sure comments, post, and post_author are cached
    211211                update_comment_cache($comments);
  • wp-admin/edit-pages.php

     
    175175
    176176if ( 1 == count($posts) && is_singular() ) :
    177177
    178         $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
     178        $comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved != 'spam' ORDER BY comment_date", $id) );
    179179        if ( $comments ) :
    180180                // Make sure comments, post, and post_author are cached
    181181                update_comment_cache($comments);