WordPress.org

Make WordPress Core


Ignore:
Timestamp:
06/10/2014 12:43:32 AM (7 years ago)
Author:
wonderboymusic
Message:

Replace all uses of like_escape() with $wpdb->esc_like().

Props miqrogroove.
See #10041.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/network/site-settings.php

    r27469 r28712  
    114114        <?php
    115115        $blog_prefix = $wpdb->get_blog_prefix( $id );
    116         $options = $wpdb->get_results( "SELECT * FROM {$blog_prefix}options WHERE option_name NOT LIKE '\_%' AND option_name NOT LIKE '%user_roles'" );
     116        $sql = "SELECT * FROM {$blog_prefix}options
     117            WHERE option_name NOT LIKE %s
     118            AND option_name NOT LIKE %s";
     119        $query = $wpdb->prepare( $sql,
     120            $wpdb->esc_like( '_' ) . '%',
     121            '%' . $wpdb->esc_like( 'user_roles' )
     122        );
     123        $options = $wpdb->get_results( $query );
    117124        foreach ( $options as $option ) {
    118125            if ( $option->option_name == 'default_role' )
Note: See TracChangeset for help on using the changeset viewer.