| Index: trunk/extensions/ReplaceText/SpecialReplaceText.php |
| — | — | @@ -508,19 +508,17 @@ |
| 509 | 509 | function getMatchingTitles( $str, $namespaces, $category, $prefix, $use_regex = false ) { |
| 510 | 510 | $dbr = wfGetDB( DB_SLAVE ); |
| 511 | 511 | |
| 512 | | - $str = Title::newFromText( $str )->getDbKey(); |
| 513 | | - |
| 514 | 512 | $tables = array( 'page' ); |
| 515 | 513 | $vars = array( 'page_title', 'page_namespace' ); |
| 516 | 514 | if ( $use_regex ) { |
| 517 | | - $comparisonCond = "page_title REGEXP '$str'"; |
| | 515 | + $comparisonCond = 'page_title REGEXP ' . $dbr->addQuotes( $str ); |
| 518 | 516 | } else { |
| 519 | 517 | // anyString() method was added in MW 1.16 |
| 520 | 518 | if ( method_exists( $dbr, 'anyString' ) ) { |
| 521 | 519 | $any = $dbr->anyString(); |
| 522 | 520 | $comparisonCond = 'page_title ' . $dbr->buildLike( $any, $str, $any ); |
| 523 | 521 | } else { |
| 524 | | - $comparisonCond = "page_title LIKE '%$str%'"; |
| | 522 | + $comparisonCond = 'page_title LIKE ' . $dbr->addQuotes( "%$str%" ); |
| 525 | 523 | } |
| 526 | 524 | } |
| 527 | 525 | $conds = array( |
| — | — | @@ -540,14 +538,14 @@ |
| 541 | 539 | $tables = array( 'page', 'revision', 'text' ); |
| 542 | 540 | $vars = array( 'page_id', 'page_namespace', 'page_title', 'old_text' ); |
| 543 | 541 | if ( $use_regex ) { |
| 544 | | - $comparisonCond = "old_text REGEXP '$search'"; |
| | 542 | + $comparisonCond = 'old_text REGEXP ' . $dbr->addQuotes( $search ); |
| 545 | 543 | } else { |
| 546 | 544 | // anyString() method was added in MW 1.16 |
| 547 | 545 | if ( method_exists( $dbr, 'anyString' ) ) { |
| 548 | 546 | $any = $dbr->anyString(); |
| 549 | 547 | $comparisonCond = 'old_text ' . $dbr->buildLike( $any, $search, $any ); |
| 550 | 548 | } else { |
| 551 | | - $comparisonCond = "old_text LIKE '%$search%'"; |
| | 549 | + $comparisonCond = 'old_text LIKE ' . $dbr->addQuotes( "%$search%" ); |
| 552 | 550 | } |
| 553 | 551 | } |
| 554 | 552 | $conds = array( |