X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/f6364df6999f38896cc58171ec4a503f4f2dedcf..e9d988989fe37ab8c5f903e47fbe36e6e00dc51f:/wp-includes/taxonomy.php?ds=sidebyside

diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php
index 33d4329d..d9ae2d5a 100644
--- a/wp-includes/taxonomy.php
+++ b/wp-includes/taxonomy.php
@@ -1255,8 +1255,10 @@ function &get_terms($taxonomies, $args = '') {
 		$where .= " AND t.slug = '$slug'";
 	}
 
-	if ( !empty($name__like) )
-		$where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
+	if ( !empty($name__like) ) {
+		$name__like = like_escape( $name__like );
+		$where .= $wpdb->prepare( " AND t.name LIKE %s", $name__like . '%' );
+	}
 
 	if ( '' !== $parent ) {
 		$parent = (int) $parent;
@@ -1278,7 +1280,7 @@ function &get_terms($taxonomies, $args = '') {
 
 	if ( !empty($search) ) {
 		$search = like_escape($search);
-		$where .= " AND (t.name LIKE '%$search%')";
+		$where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . $search . '%');
 	}
 
 	$selects = array();