Make WordPress Core


Ignore:
Timestamp:
08/03/2015 09:37:26 PM (9 years ago)
Author:
ocean90
Message:

Comments: IDs are integers.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/post.php

    r33393 r33555  
    29382938    foreach ( $group_by_status as $status => $comments ) {
    29392939        // Sanity check. This shouldn't happen.
    2940         if ( 'post-trashed' == $status )
     2940        if ( 'post-trashed' == $status ) {
    29412941            $status = '0';
    2942         $comments_in = implode( "', '", $comments );
    2943         $wpdb->query( "UPDATE $wpdb->comments SET comment_approved = '$status' WHERE comment_ID IN ('" . $comments_in . "')" );
     2942        }
     2943        $comments_in = implode( ', ', array_map( 'intval', $comments ) );
     2944        $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->comments SET comment_approved = %s WHERE comment_ID IN ($comments_in)", $status ) );
    29442945    }
    29452946
Note: See TracChangeset for help on using the changeset viewer.