WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

WPDB: When checking the encoding of strings against the database, make sure we're only relying on the return value of strings that were sent to the database. Also make sure that we're not trying to sanity check strings that've been marked as not needing sanity checking. 

Merge of [33455] to the 4.1 branch.

See #32279.


Built from https://develop.svn.wordpress.org/branches/4.1@33480


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Gary Pendergast 2015-07-29 06:49:21 +00:00
parent 50e855410b
commit cec063ad22
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
wp-includes/wp-db.php
View File

@ -2062,7 +2062,7 @@ class wpdb {
public function get_var( $query = null, $x = 0, $y = 0 ) { public function get_var( $query = null, $x = 0, $y = 0 ) {
$this->func_call = "\$db->get_var(\"$query\", $x, $y)"; $this->func_call = "\$db->get_var(\"$query\", $x, $y)";
if ( $this->check_safe_collation( $query ) ) { if ( $this->check_current_query && $this->check_safe_collation( $query ) ) {
$this->check_current_query = false; $this->check_current_query = false;
} }
@ -2095,7 +2095,7 @@ class wpdb {
public function get_row( $query = null, $output = OBJECT, $y = 0 ) { public function get_row( $query = null, $output = OBJECT, $y = 0 ) {
$this->func_call = "\$db->get_row(\"$query\",$output,$y)"; $this->func_call = "\$db->get_row(\"$query\",$output,$y)";
if ( $this->check_safe_collation( $query ) ) { if ( $this->check_current_query && $this->check_safe_collation( $query ) ) {
$this->check_current_query = false; $this->check_current_query = false;
} }
@ -2136,7 +2136,7 @@ class wpdb {
* @return array Database query result. Array indexed from 0 by SQL result row number. * @return array Database query result. Array indexed from 0 by SQL result row number.
*/ */
public function get_col( $query = null , $x = 0 ) { public function get_col( $query = null , $x = 0 ) {
if ( $this->check_safe_collation( $query ) ) { if ( $this->check_current_query && $this->check_safe_collation( $query ) ) {
$this->check_current_query = false; $this->check_current_query = false;
} }
@ -2168,7 +2168,7 @@ class wpdb {
public function get_results( $query = null, $output = OBJECT ) { public function get_results( $query = null, $output = OBJECT ) {
$this->func_call = "\$db->get_results(\"$query\", $output)"; $this->func_call = "\$db->get_results(\"$query\", $output)";
if ( $this->check_safe_collation( $query ) ) { if ( $this->check_current_query && $this->check_safe_collation( $query ) ) {
$this->check_current_query = false; $this->check_current_query = false;
} }
@ -2689,7 +2689,9 @@ class wpdb {
} }
foreach ( array_keys( $data ) as $column ) { foreach ( array_keys( $data ) as $column ) {
$data[ $column ]['value'] = $row["x_$column"]; if ( isset( $row["x_$column"] ) ) {
$data[ $column ]['value'] = $row["x_$column"];
}
} }
} }