WordPress.org

Make WordPress Core


Ignore:
Timestamp:
06/10/2014 12:43:32 AM (7 years ago)
Author:
wonderboymusic
Message:

Replace all uses of like_escape() with $wpdb->esc_like().

Props miqrogroove.
See #10041.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/taxonomy.php

    r28653 r28712  
    14811481
    14821482    if ( ! empty( $args['name__like'] ) ) {
    1483         $name__like = like_escape( $args['name__like'] );
    1484         $where .= $wpdb->prepare( " AND t.name LIKE %s", '%' . $name__like . '%' );
     1483        $where .= $wpdb->prepare( " AND t.name LIKE %s", '%' . $wpdb->esc_like( $args['name__like'] ) . '%' );
    14851484    }
    14861485
    14871486    if ( ! empty( $args['description__like'] ) ) {
    1488         $description__like = like_escape( $args['description__like'] );
    1489         $where .= $wpdb->prepare( " AND tt.description LIKE %s", '%' . $description__like . '%' );
     1487        $where .= $wpdb->prepare( " AND tt.description LIKE %s", '%' . $wpdb->esc_like( $args['description__like'] ) . '%' );
    14901488    }
    14911489
     
    15181516
    15191517    if ( ! empty( $args['search'] ) ) {
    1520         $search = like_escape( $args['search'] );
    1521         $where .= $wpdb->prepare( ' AND ((t.name LIKE %s) OR (t.slug LIKE %s))', '%' . $search . '%', '%' . $search . '%' );
     1518        $like = '%' . $wpdb->esc_like( $args['search'] ) . '%';
     1519        $where .= $wpdb->prepare( ' AND ((t.name LIKE %s) OR (t.slug LIKE %s))', $like, $like );
    15221520    }
    15231521
Note: See TracChangeset for help on using the changeset viewer.