273 Commits

Author SHA1 Message Date
Gary Pendergast 907fe8136e Database: Restore numbered placeholders in `wpdb::prepare()`.
[41496] removed support for numbered placeholders in queries sent through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.

This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.

Merges [41662], [42056] to the 4.0 branch.
See #41925.


Built from https://develop.svn.wordpress.org/branches/4.0@42065


git-svn-id: http://core.svn.wordpress.org/branches/4.0@41894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-31 12:55:20 +00:00
Aaron Campbell f10a53cf41 Database: Hardening to bring `wpdb::prepare()` in line with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.

Merges [41496] to 4.0 branch.


Built from https://develop.svn.wordpress.org/branches/4.0@41505


git-svn-id: http://core.svn.wordpress.org/branches/4.0@41338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 18:42:19 +00:00
Aaron Campbell a133648403 Database: Don’t trigger `_doing_it_wrong()` for null values in `wpdb::prepare()`.
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.

Merges [41483] to 4.0 branch.


Built from https://develop.svn.wordpress.org/branches/4.0@41492


git-svn-id: http://core.svn.wordpress.org/branches/4.0@41325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 16:26:35 +00:00
Aaron Campbell f80bd53e4b Database: Hardening for `wpdb::prepare()`
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.

Merges [41470] to 4.0 branch.


Built from https://develop.svn.wordpress.org/branches/4.0@41479


git-svn-id: http://core.svn.wordpress.org/branches/4.0@41312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 15:04:19 +00:00
Gary Pendergast 21c8cc7e5a WPDB: `get_table_from_query()` didn't find table names with hyphens in them.
Merge of [33718] to the 4.0 branch.

Props dustinbolton, pento.

See #33470.


Built from https://develop.svn.wordpress.org/branches/4.0@33994


git-svn-id: http://core.svn.wordpress.org/branches/4.0@33963 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 07:05:17 +00:00
John Blackbourn 6dbcbfae60 WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
Merge of [32368] to the 4.0 branch.

Props pento, willstedt for the initial patch.

See #32090.

Built from https://develop.svn.wordpress.org/branches/4.0@32413


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:04:34 +00:00
Dominik Schilling c9168e3a54 WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
Merges [32374] to the 4.0 branch.

props pento.
see #32104.
Built from https://develop.svn.wordpress.org/branches/4.0@32403


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:04:38 +00:00
Helen Hou-Sandí 69de48fd72 The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
Merges [32375] to the 4.0 branch.

props pento.
See #32204.

Built from https://develop.svn.wordpress.org/branches/4.0@32397


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:43:37 +00:00
Michael Adams 7e35f92679 WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 4.0 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/4.0@32388


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:09:39 +00:00
Gary Pendergast 4fe0310d7a 4.0:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.


Built from https://develop.svn.wordpress.org/branches/4.0@32313


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 17:17:37 +00:00
Gary Pendergast 488576e125 WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
Merge of [32261] to the 4.0 branch.

See #32051.


Built from https://develop.svn.wordpress.org/branches/4.0@32272


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:44:39 +00:00
Gary Pendergast e20485b9cb WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 4.0 branch.
See #32029.


Built from https://develop.svn.wordpress.org/branches/4.0@32235


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 06:19:40 +00:00
Gary Pendergast 530a462ba1 Fix some `wpdb::check_safe_collation()` calls missed in [32181].
Built from https://develop.svn.wordpress.org/branches/4.0@32225


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 19:06:42 +00:00
Gary Pendergast 55be6d3e44 `wpdb::$checking_collation` was incorrectly marked as `protected` instead of `private` in [32181].
Built from https://develop.svn.wordpress.org/branches/4.0@32184


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:21:35 +00:00
Gary Pendergast 548201e950 Merge the query sanity checks from #21212 to the 4.0 branch.
Props pento, nacin, mdawaffe, DrewAPicture.


Built from https://develop.svn.wordpress.org/branches/4.0@32181


git-svn-id: http://core.svn.wordpress.org/branches/4.0@32154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 10:54:40 +00:00
Andrew Nacin 53f1ba51e4 DB: Revert [28814] and require a WHERE for wpdb::update().
see #26106.

Built from https://develop.svn.wordpress.org/trunk@29664


git-svn-id: http://core.svn.wordpress.org/trunk@29438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-02 04:56:15 +00:00
Drew Jaynes 3665b5a1a1 Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
See #22234 and #28885.

Built from https://develop.svn.wordpress.org/trunk@29165


git-svn-id: http://core.svn.wordpress.org/trunk@28949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-14 01:12:14 +00:00
Drew Jaynes c5a59037f1 Inline documentation cleanup for 4.0 audit.
Various improvements:
* Adds `@see` reference for `wp_list_comments()` in 'wp_list_comments_args' filter docs, added in [28285]
* Various phpDoc tweaks for the 'run_wptexturize' filter docs, added in [28715]
* Sentence and wrapping changes for `is_https_url()`, added in [28894]
* Documents the `$args` parameter for `wp_dropdown_languages()`, added in [29007]
* Adds a period to the parameter description for `_update_posts_count_on_delete()`, added in [28835]
* Documents a global in `is_customize_preview()`, added in [28999]
* phpDoc tweaks, adds an access modifier for `wpdb::esc_like()`, added in [28711]

See #28885.

Built from https://develop.svn.wordpress.org/trunk@29163


git-svn-id: http://core.svn.wordpress.org/trunk@28947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-14 01:02:15 +00:00
Andrew Nacin b35982cbff Simplify the setup-config.php UI flow and load process.
When no configuration file is detected, we now redirect to setup-config.php. This process now uses the WordPress bootstrap, rather than a set of fragile hacks.

fixes #28740.

Built from https://develop.svn.wordpress.org/trunk@28978


git-svn-id: http://core.svn.wordpress.org/trunk@28767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-03 19:57:14 +00:00
Scott Taylor 3ebd519a3e In `$wpdb->update()`, prevent explosions when `$where` is empty.
Adds unit tests.

Props UmeshSingla, wonderboymusic.
Fixes #26106

Built from https://develop.svn.wordpress.org/trunk@28814


git-svn-id: http://core.svn.wordpress.org/trunk@28621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-24 00:24:14 +00:00
Scott Taylor 82bdc78500 `LIKE` escape sanity:
* Deprecate `like_escape()`
* Add a method to `$wpdb`, `->esc_like()`, and add unit tests

`$wpdb::esc_like()` is not used yet. As such, many unit tests will throw `Unexpected deprecated notice for like_escape`. Subsequent commits will alleviate this.

Props miqrogroove.
See #10041.

Built from https://develop.svn.wordpress.org/trunk@28711


git-svn-id: http://core.svn.wordpress.org/trunk@28527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-10 00:30:15 +00:00
Drew Jaynes 290b377a31 Mark the `MYSQL_NEW_LINK` constant as deprecated in 3.9+ as no equivalent to the `$new_link` parameter exists in `mysqli_*` functions.
Fixes #27933.

Built from https://develop.svn.wordpress.org/trunk@28657


git-svn-id: http://core.svn.wordpress.org/trunk@28475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-04 05:00:15 +00:00
Scott Taylor fd5e6b5f6b In `wpdb`, make some things explicitly `public`. Do not set anything to `private`. This would instantly blow up `hyperdb` in the wild.
See #27881, #22234.

Built from https://develop.svn.wordpress.org/trunk@28526


git-svn-id: http://core.svn.wordpress.org/trunk@28352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 15:36:13 +00:00
Scott Taylor 361e3e1ee6 In `wpdb`, remove dead code:
* In `->tables()`, `break` is unreachable after `return`
* In `->query()`, `$return` is always set, so doesn't need an initial value of `0`
* In `->delete()`, `$bits` is unused

See #27882.

Built from https://develop.svn.wordpress.org/trunk@28339


git-svn-id: http://core.svn.wordpress.org/trunk@28167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-07 03:56:14 +00:00
Drew Jaynes a5366db845 Improve inline documentation for the wpdb::$show_errors property.
Note that SQL/DB errors are displayed by default if both WP_DEBUG and WP_DEBUG_DISPLAY evaluate to true.

Props ericlewis.
Fixes #16615.

Built from https://develop.svn.wordpress.org/trunk@28243


git-svn-id: http://core.svn.wordpress.org/trunk@28071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-02 12:19:15 +00:00
Andrew Nacin 1860b6a007 Rename USE_EXT_MYSQL to WP_USE_EXT_MYSQL. see #21663.
Built from https://develop.svn.wordpress.org/trunk@28022


git-svn-id: http://core.svn.wordpress.org/trunk@27852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 22:27:15 +00:00
Drew Jaynes b5ecc00b32 PHPDoc fixes for functionality in wp-includes/wp-db.php added in 3.9.
See #27700.

Built from https://develop.svn.wordpress.org/trunk@28016


git-svn-id: http://core.svn.wordpress.org/trunk@27846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 22:02:15 +00:00
Andrew Nacin 10b8c92b1e wpdb: Don't pass a second argument to mysqli_fetch_field().
props pento.
fixes #27693.

Built from https://develop.svn.wordpress.org/trunk@28002


git-svn-id: http://core.svn.wordpress.org/trunk@27832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 20:22:28 +00:00
Andrew Nacin ac60fcb315 Database: Fall back from ext/mysqli to ext/mysql if the connection fails.
This allows us to avoid breaking a site that works under ext/mysql but is misconfigured for ext/mysqli.

props pento.
see #21663.

Built from https://develop.svn.wordpress.org/trunk@27935


git-svn-id: http://core.svn.wordpress.org/trunk@27765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 21:58:16 +00:00
Andrew Nacin 34700cd7fb Database: Add $allow_bail argument to wpdb::check_connection() to match the connect method.
props DrProtocols, pento.
fixes #27240.

Built from https://develop.svn.wordpress.org/trunk@27925


git-svn-id: http://core.svn.wordpress.org/trunk@27755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 04:06:14 +00:00
Sergey Biryukov c099c5a031 Avoid a warning in wpdb::db_connect(). before_needle parameter of strstr() was added in PHP 5.3.
props klihelp, pento.
fixes #27277.
Built from https://develop.svn.wordpress.org/trunk@27503


git-svn-id: http://core.svn.wordpress.org/trunk@27346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-11 19:27:15 +00:00
Andrew Nacin 291b1a8f83 Make OBJECT a case sensitive constant, for HHVM compatibility and general sanity.
Support `object` explicitly, and other forms using a fallback in wpdb.

fixes #27231.

Built from https://develop.svn.wordpress.org/trunk@27377


git-svn-id: http://core.svn.wordpress.org/trunk@27226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 17:36:13 +00:00
Andrew Nacin 0c16c0477b Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc.
props Ipstenu, markjaquith.
see #27115.

Built from https://develop.svn.wordpress.org/trunk@27369


git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 02:34:27 +00:00
Andrew Nacin 4d9bf200d7 When failing to reconnect to a server that has gone away, simply fail the query once we've passed template_redirect, rather than wp_die().
props pento.
see #5932.

Built from https://develop.svn.wordpress.org/trunk@27279


git-svn-id: http://core.svn.wordpress.org/trunk@27135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-26 04:54:14 +00:00
Andrew Nacin cb52ddbf08 Add a constant to disable mysqli for testing purposes. see #21663.
Built from https://develop.svn.wordpress.org/trunk@27278


git-svn-id: http://core.svn.wordpress.org/trunk@27134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-26 04:20:14 +00:00
Andrew Nacin 4c9e7f81e1 wpdb: set dbh to null when the mysqli connection fails. see #21663.
Built from https://develop.svn.wordpress.org/trunk@27277


git-svn-id: http://core.svn.wordpress.org/trunk@27133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-26 04:15:18 +00:00
Andrew Nacin c51ce41c59 Use mysqli for WordPress development versions, regardless of PHP version, to increase testing footprint.
Allow the lack of ext/mysql to pass wp_check_php_mysql_versions().

see #21663.

Built from https://develop.svn.wordpress.org/trunk@27257


git-svn-id: http://core.svn.wordpress.org/trunk@27114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-25 15:53:13 +00:00
Andrew Nacin 768db95280 Use ext/mysqli in PHP 5.5 or greater. Expect minor explosions.
props aaroncampbell, pento.
see #21663.

Built from https://develop.svn.wordpress.org/trunk@27250


git-svn-id: http://core.svn.wordpress.org/trunk@27107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-25 00:40:13 +00:00
Andrew Nacin 1b9dda7d75 Declare $wpdb->base_prefix.
props DavidAnderson.
fixes #16762.

Built from https://develop.svn.wordpress.org/trunk@27249


git-svn-id: http://core.svn.wordpress.org/trunk@27106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-25 00:30:13 +00:00
Drew Jaynes aa8b462a95 Fixes for hooks documentation in wp-includes/wp-db.php.
See #26869, #25229 and [25284].

Built from https://develop.svn.wordpress.org/trunk@27147


git-svn-id: http://core.svn.wordpress.org/trunk@27014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 20:51:13 +00:00
Andrew Nacin 43c7993c1a When the MySQL server has "gone away," attempt to reconnect and retry the query.
props pento.
see #5932.

Built from https://develop.svn.wordpress.org/trunk@27075


git-svn-id: http://core.svn.wordpress.org/trunk@26948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 22:07:12 +00:00
Andrew Nacin 17828876fa Add a comment for [27073] as someone will inevitably complain it is tricked by % in a string. see #25604.
Built from https://develop.svn.wordpress.org/trunk@27074


git-svn-id: http://core.svn.wordpress.org/trunk@26947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 21:48:13 +00:00
Andrew Nacin 9c4a97c676 Throw an incorrect usage notice when the query argument of wpdb::prepare() does not include a placeholder.
props ounziw.
fixes #25604.

Built from https://develop.svn.wordpress.org/trunk@27073


git-svn-id: http://core.svn.wordpress.org/trunk@26946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 21:47:11 +00:00
Andrew Nacin 9f250b2ef7 Ensure compatibility with MySQL 5.6 which has stricter SQL modes by default.
Disables NO_ZERO_DATE, ONLY_FULL_GROUP_BY, STRICT_TRANS_TABLES, STRICT_ALL_TABLES, TRADITIONAL. Introduces wpdb::set_sql_mode() with an incompatible_sql_modes filter so a plugin can alter the set mode after the fact.

props pento.
fixes #26847.

Built from https://develop.svn.wordpress.org/trunk@27072


git-svn-id: http://core.svn.wordpress.org/trunk@26945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 21:39:13 +00:00
Scott Taylor 678ef2b1e1 In `wpdb::db_connect()`, allow the loading of a custom database error template - this is already allowed in `dead_db()`.
In `dead_db()`, move the call to `wp_load_translations_early()` before the inclusion of the `db-error.php` file to allow translation in both locations before the template is loaded.

Props sbruner, kovshenin.
Fixes #25703.


Built from https://develop.svn.wordpress.org/trunk@27056


git-svn-id: http://core.svn.wordpress.org/trunk@26929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-29 05:28:12 +00:00
Scott Taylor fc7a7b8972 When `WP_DEBUG` is set to `true`, suppress deprecated errors from firing when calling `mysql_connect()`, which is officially deprecated in PHP 5.5. We will remove this shameful code as soon as is humanly possible.
Props wonderboymusic. Extra love to tierra and nacin.
Fixes #26322.


Built from https://develop.svn.wordpress.org/trunk@26512


git-svn-id: http://core.svn.wordpress.org/trunk@26405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-02 00:09:10 +00:00
Andrew Nacin 20b0153753 Document the 'query' filter in wp-db.
props natejacobs.
see #25229.

Built from https://develop.svn.wordpress.org/trunk@25284


git-svn-id: http://core.svn.wordpress.org/trunk@25248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-06 17:07:09 +00:00
Andrew Nacin f39e2c28ce Reset $wpdb->insert_id on a failed INSERT or REPLACE. See [24459] [24494].
git-svn-id: http://core.svn.wordpress.org/trunk@24872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:14:05 +00:00
Andrew Nacin eb822723ae Check that we have a database connection in wpdb::_real_escape(). see #24773.
git-svn-id: http://core.svn.wordpress.org/trunk@24758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-20 20:16:21 +00:00
Andrew Nacin 0cb7fbacc8 Ensure _deprecated_function() exists before calling it. wpdb currently does not have a full functions.php dependency, and this can break external inclusions. see #24774.
git-svn-id: http://core.svn.wordpress.org/trunk@24724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-17 21:08:05 +00:00