- $time = $wpdb->escape( substr($return, 0, 19) );
- $uri = $wpdb->escape( preg_replace('/(.*?) | (.*?)/', '$2', $return) );
- $wpdb->query("UPDATE $wpdb->links SET link_updated = '$time' WHERE link_url = '$uri'");
+ $time = substr($return, 0, 19);
+ $uri = preg_replace('/(.*?) | (.*?)/', '$2', $return);
+ $wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_updated = %s WHERE link_url = %s", $time, $uri) );