Make WordPress Core


Ignore:
Timestamp:
06/10/2014 12:43:32 AM (11 years ago)
Author:
wonderboymusic
Message:

Replace all uses of like_escape() with $wpdb->esc_like().

Props miqrogroove.
See #10041.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/bookmark.php

    r28403 r28712  
    209209    $search = '';
    210210    if ( ! empty( $r['search'] ) ) {
    211         $search = esc_sql( like_escape( $r['search'] ) );
    212         $search = " AND ( (link_url LIKE '%$search%') OR (link_name LIKE '%$search%') OR (link_description LIKE '%$search%') ) ";
     211        $like = '%' . $wpdb->esc_like( $r['search'] ) . '%';
     212        $search = $wpdb->prepare(" AND ( (link_url LIKE %s) OR (link_name LIKE %s) OR (link_description LIKE %s) ) ", $like, $like, $like );
    213213    }
    214214
Note: See TracChangeset for help on using the changeset viewer.