WordPress.org

Make WordPress Core

Changeset 13357


Ignore:
Timestamp:
02/24/2010 05:30:34 AM (8 years ago)
Author:
ryan
Message:

Don't quote escaped strings. Props dd32. see #11608

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/wp-db.php

    r13343 r13357  
    865865        $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
    866866        $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
    867         $query = str_replace( '%s', "'%s'", $query ); // quote the strings
     867        $query = preg_replace('|(?<!%)%s|', "'%s'", $query); // quote the strings, avoiding escaped strings like %%s
    868868        array_walk( $args, array( &$this, 'escape_by_ref' ) );
    869869        return @vsprintf( $query, $args );
Note: See TracChangeset for help on using the changeset viewer.