Wordpress 3.1.3

[autoinstalls/wordpress.git] / wp-includes / taxonomy.php

diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php
index 33d4329debf83e2d75ab71e0370b40010320b7a8..d9ae2d5a8b40603db843ceee24db3c5c64960400 100644 (file)
--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -1255,8 +1255,10 @@ function &get_terms($taxonomies, $args = '') {
                $where .= " AND t.slug = '$slug'";
        }
 
-       if ( !empty($name__like) )
-               $where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
+       if ( !empty($name__like) ) {
+               $name__like = like_escape( $name__like );
+               $where .= $wpdb->prepare( " AND t.name LIKE %s", $name__like . '%' );
+       }
 
        if ( '' !== $parent ) {
                $parent = (int) $parent;
@@ -1278,7 +1280,7 @@ function &get_terms($taxonomies, $args = '') {
 
        if ( !empty($search) ) {
                $search = like_escape($search);
-               $where .= " AND (t.name LIKE '%$search%')";
+               $where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . $search . '%');
        }
 
        $selects = array();