Make WordPress Core


Ignore:
Timestamp:
06/10/2014 02:44:35 AM (10 years ago)
Author:
wonderboymusic
Message:

Set a variable for like-escaped string before looping in WP_User_Query::get_search_sql().

Props miqrogroove.
Fixes #10041.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/user.php

    r28712 r28722  
    803803        $leading_wild = ( 'leading' == $wild || 'both' == $wild ) ? '%' : '';
    804804        $trailing_wild = ( 'trailing' == $wild || 'both' == $wild ) ? '%' : '';
     805        $like = $leading_wild . $wpdb->esc_like( $string ) . $trailing_wild;
     806
    805807        foreach ( $cols as $col ) {
    806             if ( 'ID' == $col )
     808            if ( 'ID' == $col ) {
    807809                $searches[] = $wpdb->prepare( "$col = %s", $string );
    808             else
    809                 $searches[] = $wpdb->prepare( "$col LIKE %s", $leading_wild . $wpdb->esc_like( $string ) . $trailing_wild );
     810            } else {
     811                $searches[] = $wpdb->prepare( "$col LIKE %s", $like );
     812            }
    810813        }
    811814
Note: See TracChangeset for help on using the changeset viewer.