From 4fb0aa5ecb9db2b01611e472b6bf7bbd3f230338 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Thu, 6 Mar 2014 18:18:15 +0000 Subject: [PATCH] In get_site_by_path(), avoid passing $paths through prepare(). If a path contains a %, we end up with problems. see #27003. Built from https://develop.svn.wordpress.org/trunk@27439 git-svn-id: http://core.svn.wordpress.org/trunk@27286 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/ms-load.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wp-includes/ms-load.php b/wp-includes/ms-load.php index e7b64b79ca..2f2f7d49c7 100644 --- a/wp-includes/ms-load.php +++ b/wp-includes/ms-load.php @@ -350,8 +350,9 @@ function get_site_by_path( $domain, $path, $segments = null ) { if ( count( $paths ) > 1 ) { $paths = "'" . implode( "', '", $wpdb->_escape( $paths ) ) . "'"; - $site = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs - WHERE domain = %s AND path IN ($paths) ORDER BY CHAR_LENGTH(path) DESC LIMIT 1", $domain ) ); + $sql = $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s", $domain ); + $sql .= " AND path IN ($paths) ORDER BY CHAR_LENGTH(path) DESC LIMIT 1"; + $site = $wpdb->get_row( $sql ); } else { $site = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s and path = %s", $domain, $paths[0] ) ); }