Context Navigation

← Previous Change
Next Change →

meta.php

Timestamp:

10/31/2017 11:59:43 AM (8 years ago)

Author:

pento

Message:

Database: Restore numbered placeholders in wpdb::prepare().

[41496] removed support for numbered placeholders in queries send through wpdb::prepare(), which, despite being undocumented, were quite commonly used.

This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to wpdb::prepare(), given the number of placeholders.

See #41925.

File:

: 1 edited

trunk/src/wp-includes/meta.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/wp-includes/meta.php

-                      r40603
+                      r42056
     if ( $delete_all ) {
-        $value_clause = '';
         if ( '' !== $meta_value && null !== $meta_value && false !== $meta_value ) {
             $value_clause = $wpdb->prepare( " AND meta_value = %s", $meta_value );
+        }
         $object_ids = $wpdb->get_col( $wpdb->prepare( "SELECT $type_column FROM $table WHERE meta_key = %s $value_clause", $meta_key ) );
+            $object_ids = $wpdb->get_col( $wpdb->prepare( "SELECT $type_column FROM $table WHERE meta_key = %s AND meta_value = %s", $meta_key, $meta_value ) );
+        } else {
+            $object_ids = $wpdb->get_col( $wpdb->prepare( "SELECT $type_column FROM $table WHERE meta_key = %s", $meta_key ) );
+        }
+    }

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 42056 for trunk/src/wp-includes/meta.php

Legend:

trunk/src/wp-includes/meta.php

Download in other formats: