WordPress.org

Make WordPress Core

Changeset 13357


Ignore:
Timestamp:
02/24/10 05:30:34 (6 years ago)
Author:
ryan
Message:

Don't quote escaped strings. Props dd32. see #11608

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/wp-db.php

    r13343 r13357  
    865865        $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it 
    866866        $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting 
    867         $query = str_replace( '%s', "'%s'", $query ); // quote the strings 
     867        $query = preg_replace('|(?<!%)%s|', "'%s'", $query); // quote the strings, avoiding escaped strings like %%s 
    868868        array_walk( $args, array( &$this, 'escape_by_ref' ) ); 
    869869        return @vsprintf( $query, $args ); 
Note: See TracChangeset for help on using the changeset viewer.