$query = preg_replace("!^.+\?!", '', $query);
// Substitute the substring matches into the query.
- eval("\$query = \"" . addslashes($query) . "\";");
+ $query = addslashes(WP_MatchesMapRegex::apply($query, $matches));
// Filter out non-public query vars
global $wp;
parse_str($query, $query_vars);