Handle localized floats in $wpdb->prepare(). props kurtpayne. fixes #19861.

git-svn-id: http://core.svn.wordpress.org/trunk@21161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2012-06-28 19:57:31 +00:00
parent 149eff94a1
commit 9810e75d46
1 changed files with 3 additions and 1 deletions

View File

@ -850,7 +850,8 @@ class wpdb {
* @return void * @return void
*/ */
function escape_by_ref( &$string ) { function escape_by_ref( &$string ) {
$string = $this->_real_escape( $string ); if ( ! is_float( $string ) )
$string = $this->_real_escape( $string );
} }
/** /**
@ -901,6 +902,7 @@ class wpdb {
$args = $args[0]; $args = $args[0];
$query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
$query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
$query = str_replace( '%f' , '%F', $query ); // Force floats to be locale unaware
$query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
array_walk( $args, array( &$this, 'escape_by_ref' ) ); array_walk( $args, array( &$this, 'escape_by_ref' ) );
return @vsprintf( $query, $args ); return @vsprintf( $query, $args );