WordPress.org

Make WordPress Core


Ignore:
Timestamp:
09/28/2017 04:31:05 AM (3 years ago)
Author:
pento
Message:

Database: Don't quote placeholders in queries going through $wpdb->prepare()

To bring Core into line with the changes to $wpdb->prepare() in WordPress 4.8.2, query placeholders shouldn't be quoted.

Props jrf, johnjamesjacoby.
Fixes #41983.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-wp-importer.php

    r41195 r41628  
    3030        do {
    3131            $meta_key = $importer_name . '_' . $bid . '_permalink';
    32             $sql = $wpdb->prepare( "SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = '%s' LIMIT %d,%d", $meta_key, $offset, $limit );
     32            $sql = $wpdb->prepare( "SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = %s LIMIT %d,%d", $meta_key, $offset, $limit );
    3333            $results = $wpdb->get_results( $sql );
    3434
Note: See TracChangeset for help on using the changeset viewer.