From 58da002b34e33395d9d1d5e0fdc526f6df38912d Mon Sep 17 00:00:00 2001 From: Gary Pendergast Date: Fri, 27 May 2016 01:54:28 +0000 Subject: [PATCH] Setup: Sanity check for invalid table prefixes. There are some table prefixes (for example, `7e1_`), which MySQL will try and parse as values when they're note quoted in backticks. Because not everything remembers to quote their table names, it's best if we just discourage their use during setup. Fixes #36422. Built from https://develop.svn.wordpress.org/trunk@37581 git-svn-id: http://core.svn.wordpress.org/trunk@37549 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/setup-config.php | 6 ++++++ wp-includes/version.php | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/wp-admin/setup-config.php b/wp-admin/setup-config.php index 32c173df50..1ad40fcb6a 100644 --- a/wp-admin/setup-config.php +++ b/wp-admin/setup-config.php @@ -278,6 +278,12 @@ switch($step) { if ( ! empty( $wpdb->error ) ) wp_die( $wpdb->error->get_error_message() . $tryagain_link ); + $wpdb->query( "SELECT $prefix" ); + if ( ! $wpdb->last_error ) { + // MySQL was able to parse the prefix as a value, which we don't want. Bail. + wp_die( __( 'ERROR: "Table Prefix" is invalid.' ) ); + } + // Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password(). try { $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|'; diff --git a/wp-includes/version.php b/wp-includes/version.php index 012b1e72a3..5b6c886075 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.6-alpha-37580'; +$wp_version = '4.6-alpha-37581'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.