
Ticket #6644: prepared_queries13.diff

File prepared_queries13.diff, 1.3 KB (added by filosofo, 6 years ago)
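--- a/wp-admin/edit.php
+++ b/wp-admin/edit.php
@@ -205,7 +205,7 @@
 
 if ( 1 == count($posts) && is_singular() ) :
 
-        $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
+        $comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved != 'spam' ORDER BY comment_date", $id) );
         if ( $comments ) :
                 // Make sure comments, post, and post_author are cached
                 update_comment_cache($comments);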
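Review bot: The prepared query on new line 208 still runs when `$id` is empty or non-numeric, because `%d` coerces such a value to 0 instead of rejecting it. The injection path is closed, but the lookup then silently targets post 0. Where `$id` is assigned is outside this hunk, so this may already be guaranteed upstream; if it is not, a guard such as `if ( (int) $id > 0 )` around the query would make the intent explicit. The same statement is added at line 178 of wp-admin/edit-pages.php and the same remark applies there. A short comment above the call would also help later readers, for example `// $id is bound as an integer via %d; the table name comes from $wpdb, not the request`.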
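--- a/wp-admin/edit-pages.php
+++ b/wp-admin/edit-pages.php
@@ -175,7 +175,7 @@
 
 if ( 1 == count($posts) && is_singular() ) :
 
-        $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
+        $comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved != 'spam' ORDER BY comment_date", $id) );
         if ( $comments ) :
                 // Make sure comments, post, and post_author are cached
                 update_comment_cache($comments);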