I'm writing import plugin.
post_title is “ViewSonic® Redefines Visual Technology Leadership with Introduction of Supe
rPDA and Tablet PC Products” (UTF-8)
wp_insert_post assigns post_name “viewsonic%c2%ae-redefines-visual-technology-leadership-with-introduction-of-superpda-and-tablet-pc-products”.
and (here)
if ( 'draft' != $post_status ) {
$post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type = %s AND ID != %d AND post_parent = %d LIMIT 1", $post_name, $post_type, $post_ID, $post_parent));
if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) {
$suffix = 2;
do {
$alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix";
// expected_slashed ($alt_post_name, $post_name, $post_type)
$post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
$suffix++;
} while ($post_name_check);
$post_name = $alt_post_name;
}
}
when it calls $wpdb->prepare, it pass arguments to vsprintf, and it wanted more arguments, than I provide (becase of %c).
and $wpdb->prepare returns false. so this loop became infinite…
My temporary solution is
$alt_post_name = str_replace('%', '%%', substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix");
but it's not adequate, because original $post_name_check fails, but should not. (good solution IMHO should be proper sanitize_title)
I tested it in 2.5 and 2.5.1.
