From ff3c96208afd45e39e0b2cf55c70f61f478a1679 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Thu, 6 Mar 2014 18:17:32 +0000 Subject: [PATCH] In get_site_by_path(), avoid passing $paths through prepare(). If a path contains a %, we end up with problems. see #27003. git-svn-id: https://develop.svn.wordpress.org/trunk@27439 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-load.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/ms-load.php b/src/wp-includes/ms-load.php index e7b64b79ca..2f2f7d49c7 100644 --- a/src/wp-includes/ms-load.php +++ b/src/wp-includes/ms-load.php @@ -350,8 +350,9 @@ function get_site_by_path( $domain, $path, $segments = null ) { if ( count( $paths ) > 1 ) { $paths = "'" . implode( "', '", $wpdb->_escape( $paths ) ) . "'"; - $site = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs - WHERE domain = %s AND path IN ($paths) ORDER BY CHAR_LENGTH(path) DESC LIMIT 1", $domain ) ); + $sql = $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s", $domain ); + $sql .= " AND path IN ($paths) ORDER BY CHAR_LENGTH(path) DESC LIMIT 1"; + $site = $wpdb->get_row( $sql ); } else { $site = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE domain = %s and path = %s", $domain, $paths[0] ) ); }