Avoid invalid SQL when building ORDER BY clause using long search strings.

The introduction of negative search terms in 4.4 [34934] introduced the
possibility that the ORDER BY clause of a search query could be assembled in
such a way as to create invalid syntax. The current changeset fixes this by
ensuring that the ORDER BY clause corresponding to the search terms is
excluded when it would otherwise be empty.

Props salvoaranzulla.
Fixes #35361.
Built from https://develop.svn.wordpress.org/trunk@36251


git-svn-id: http://core.svn.wordpress.org/trunk@36218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Boone Gorges 2016-01-10 03:26:26 +00:00
parent a4facedfee
commit cfae56d2c2
2 changed files with 6 additions and 3 deletions

View File

@ -2268,7 +2268,7 @@ class WP_Query {
$like = '%' . $wpdb->esc_like( $q['s'] ) . '%'; $like = '%' . $wpdb->esc_like( $q['s'] ) . '%';
} }
$search_orderby = '(CASE '; $search_orderby = '';
// sentence match in 'post_title' // sentence match in 'post_title'
if ( $like ) { if ( $like ) {
@ -2289,7 +2289,10 @@ class WP_Query {
if ( $like ) { if ( $like ) {
$search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_content LIKE %s THEN 4 ", $like ); $search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_content LIKE %s THEN 4 ", $like );
} }
$search_orderby .= 'ELSE 5 END)';
if ( $search_orderby ) {
$search_orderby = '(CASE ' . $search_orderby . 'ELSE 5 END)';
}
} else { } else {
// single word or sentence search // single word or sentence search
$search_orderby = reset( $q['search_orderby_title'] ) . ' DESC'; $search_orderby = reset( $q['search_orderby_title'] ) . ' DESC';

View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.5-alpha-36250'; $wp_version = '4.5-alpha-36251';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.