Expands the use of `wp_get_wp_version()` to get an unmodified value of the current WordPress version in various locations in which it would be unhelpful if a plugin has modified the global `$wp_version`.
This includes:
* Theme and plugin compatibility tests
* During the upgrade process of WP Core
* Debug and site health data reports of the current version
* Version number display in the dashboard
* Block theme export and caching utilities
* The `WPDB` class
Props peterwilsoncc, hellofromtonya.
See #61627.
Built from https://develop.svn.wordpress.org/trunk@59159
git-svn-id: http://core.svn.wordpress.org/trunk@58554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `mysqli_ping()` function is deprecated as of PHP 8.4, though, in reality, the function wasn't working according to spec anymore since PHP 8.2 when the `libmysql` driver was dropped in favour of `libmysqlnd`, which was already the default (and recommended) driver since PHP 5.4.
The `mysqli_ping()` method was also not really correctly named as its functionality was to reconnect to the database, not just ping.
The alternative is to "manually" ping the database by sending a `DO 1` query (the cheapest possible SQL query).
Adding a PHP version based toggle was considered, but as mentioned above, the default driver has been `libmysqlnd` since PHP 5.4 and in that case, the function never worked anyway, so in reality `mysqli_ping()` was only really functional for the odd custom PHP compilation where `mysqli` was build against `libmysql` AND `reconnect` was not disabled.
With this in mind, this change replaces the call to `mysqli_ping()` with the `DO 1` query completely. If that query succeeds, it concludes the database connection is still alive. This solution should be the most stable as it will work for both PHP 7.2 <= 8.1, independently of which driver `mysqli` was compiled with, as well as for PHP 8.2+.
Note: It could also be considered to remove the function call to `mysqli_ping()` completely and rely on standard error handling in case the connection would have dropped, as after all, the fact that the connection existed at the moment the "ping" happened, is no guarantee that the connection will still exist when the next query is send.... this approach was not chosen so as WP has custom error handling and does not use the PHP native mysqli exceptions for this, which would make implementing this more awkward.
Includes a test to verify that the connection check works when there is a valid connection (this was previously not covered by tests).
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#mysqli_ping_and_mysqliping
* https://github.com/php/php-src/pull/11912#issuecomment-1671762583
* https://stackoverflow.com/questions/2546868/cheapest-way-to-determine-if-a-mysql-connection-is-still-alive/2546922#2546922
* php/php-src#11945
* https://wiki.php.net/rfc/mysqli_support_for_libmysql
* https://www.php.net/mysqli_ping
Follow-up to [56475], [27250], [27075].
Props jrf, hellofromTonya.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59069
git-svn-id: http://core.svn.wordpress.org/trunk@58465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since WordPress 6.5, the minimum supported version of MySQL and MariaDB is 5.5.5. This means all supported database servers now support the `utf8mb4` character set and therefore the conditional logic for this is no longer necessary.
Props l1nuxjedi, craigfrancis, OllieJones, johnbillion
Fixes#60096
Built from https://develop.svn.wordpress.org/trunk@57926
git-svn-id: http://core.svn.wordpress.org/trunk@57427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The phrase "sanity check" unnecessarily references mental health. It's an old phrase used to denote an extra step in verifying code works as expected.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
While "sanity check" is a well-known phrase with a specific meaning, "confidence check" is a direct replacement that is more clear of its intent while being more inclusive.
Words matter.
Follow-up to [49216], [46271], [40583], [38832], [38637], [37409], [33359], [32162], [30346], [30345], [30238], [30055], [29902], [28763], [26141], [25002], [22227], [13428], [12148], [11025], [8927].
Props dartiss, hellofromTonya.
Fixes#60187.
Built from https://develop.svn.wordpress.org/trunk@57239
git-svn-id: http://core.svn.wordpress.org/trunk@56745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Partial revert of [56475] to reinstate the private `wpdb::$use_mysqli` property and set to its default to `true`. This private property was / is accessible through the magic methods. Though Core's usage of this property was removed by [56475], plugins are using the property. Reinstating it resolves the BC break.
Follow up to [56475].
Props jason_the_adams, joemcgill, johnbillion, johnjamesjacoby, jrf, rajinsharwar, renehermi.
Fixes#59846.
Built from https://develop.svn.wordpress.org/trunk@57089
git-svn-id: http://core.svn.wordpress.org/trunk@56600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the foreach loop of last results, move the if statement outside of the loop. There is no need to check every element in the array for the output type. Do this once outside of the loop. For large database queries with lots of rows returned, this should improve PHP performance.
Props spacedmonkey, Cybr, johnbillion, costdev, joemcgill.
Fixes#56541.
Built from https://develop.svn.wordpress.org/trunk@56066
git-svn-id: http://core.svn.wordpress.org/trunk@55578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids fatal errors on PHP < 8.0 if the file is included directly outside of WordPress core, e.g. by HyperDB.
While WordPress core does include polyfills for these functions, they are not directly loaded in the `wpdb` class.
Follow-up to [54384], [55157], [55158], [55988], [55990].
Props dd32, ryelle, joedolson.
See #58206.
Built from https://develop.svn.wordpress.org/trunk@55994
git-svn-id: http://core.svn.wordpress.org/trunk@55506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).
WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.
This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.
This aims to make the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].
Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes#58220.
Built from https://develop.svn.wordpress.org/trunk@55990
git-svn-id: http://core.svn.wordpress.org/trunk@55502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This amends the previous commit to avoid a warning on PHP < 7.2.18 if haystack is an empty string:
{{{
Warning: substr_compare(): The start position cannot exceed initial string length
}}}
Follow-up to [55151], [55157].
See #52506.
Built from https://develop.svn.wordpress.org/trunk@55158
git-svn-id: http://core.svn.wordpress.org/trunk@54691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error if the file is included directly outside of WordPress core, e.g. by HyperDB.
While WordPress core does include a polyfill function, it is not directly loaded in the `wpdb` class.
This commit replaces the `str_ends_with()` calls with `substr_compare()` for now.
Follow-up to [55151].
Props Otto42.
See #52506.
Built from https://develop.svn.wordpress.org/trunk@55157
git-svn-id: http://core.svn.wordpress.org/trunk@54690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[53575] during the 6.1 cycle was reverted in [54734] to address issues around multiple `%` placeholders not being properly quoted as reported in #56933. Since then, this issue has been resolved and the underlying code improved significantly. Additionally, the unit tests have been expanded and the inline docs have been improved as well.
This change reintroduces `%i` placeholder support in `$wpdb->prepare()` to give extenders the ability to safely escape table and column names in database queries.
Follow-up to [53575] and [54734].
Props craigfrancis, jrf, xknown, costdev, ironprogrammer, SergeyBiryukov.
Fixes#52506.
Built from https://develop.svn.wordpress.org/trunk@55151
git-svn-id: http://core.svn.wordpress.org/trunk@54684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$string` parameter to `$data` in:
* `wpdb::_weak_escape()`
* `wpdb::_real_escape()`
* `wpdb::escape_by_ref()`
* Renames the `$string` parameter to `$input_string` in `wpdb::check_ascii()`.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927], [54929], [54930], [54931], [54932], [54933], [54938], [54943], [54944], [54945], [54946], [54947], [54948].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54950
git-svn-id: http://core.svn.wordpress.org/trunk@54502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `'%%%s%%'` pattern with `$wpdb->prepare()`, it works on 6.0.3 but does not on 6.1-RC. Why? The inserted value is wrapped in quotes on 6.1-RC5 whereas it is not on <= 6.0.3.
With 6.1 final release tomorrow, more time is needed to further investigate and test. Reverting this changeset to restore the previous behavior.
This commit also adds a dataset for testing the `'%%%s%%'` pattern.
Props SergeyBiryukov, hellofromTonya, bernhard-reiter, desrosj, davidbaumwald, jorbin.
Fixes#56933.
See #52506.
Built from https://develop.svn.wordpress.org/trunk@54733
git-svn-id: http://core.svn.wordpress.org/trunk@54285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
MariaDB version is reported differently between PHP versions:
* PHP 8.0.16 or later: `10.6.8-MariaDB`
* PHP 8.0.15 or earlier: `5.5.5-10.6.8-MariaDB`
The latter includes PHP 7.4.x and PHP 5.6.x as well, where the version is also reported with the `5.5.5-` prefix.
This commit makes an adjustment to `wpdb::has_cap()` to check for the correct MariaDB version.
This resolves an issue where the `utf8mb4_unicode_520_ci` collation, which is available in MariaDB since version 10.2, was previously not detected correctly.
References:
* [https://github.com/php/php-src/issues/7972 php-src: #7972: MariaDB version prefix 5.5.5- is not stripped]
* [https://github.com/php/php-src/pull/7963 php-src: PR #7963 Fix GH-7932: MariaDB version prefix not always stripped]
* [https://mariadb.com/docs/reference/mdb/collations/utf8mb4_unicode_520_ci/ MariaDB Documentation: utf8mb4_unicode_520_ci]
Follow-up to [37523], [53919].
Props jamieburchell, SergeyBiryukov.
Fixes#54841.
Built from https://develop.svn.wordpress.org/trunk@54384
git-svn-id: http://core.svn.wordpress.org/trunk@53943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Global terms was a feature from the WordPress MU days where multisite and single site installs used different code bases.
In WordPress 3.0, WordPress MU was merged into one location and the UI [14854] and “on” switch [14880] for global terms were completely removed.
Even before this merge, global terms was bug infested and unreliable. After [14854]/[14880], the feature was no longer maintained and became increasingly broken as taxonomies progressed without it (term splitting and term meta do not work at all). At this point, the feature has not worked in 12+ years and there’s no hope for saving it.
This deprecates the remaining global terms related code and no-ops the functions.
Global terms, you don’t have to go home, but you can’t stay here.
Props scribu, wonderboymusic, SergeyBiryukov, nacin, pento, desrosj, johnjamesjacoby, johnbillion, dd32.
Fixes#21734.
Built from https://develop.svn.wordpress.org/trunk@54240
git-svn-id: http://core.svn.wordpress.org/trunk@53799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
There are a number of ways to mitigate this:
* If it is an accidental typo for a declared property: fix the typo.
* For known properties: declare them on the class.
* For unknown properties: add the magic `__get()`, `__set()`, et al. methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods built in.
* For unknown ''use'' of dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes.
Trac ticket #56034 is open to investigate and handle the third and fourth type of situations, however it has become clear this will need more time and will not be ready in time for WP 6.1.
To reduce “noise” in the meantime, both in the error logs of WP users moving onto PHP 8.2, in the test run logs of WP itself, in test runs of plugins and themes, as well as to prevent duplicate tickets from being opened for the same issue, this commit adds the `#[AllowDynamicProperties]` attribute to all “parent” classes in WP.
The logic used for this commit is as follows:
* If a class already has the attribute: no action needed.
* If a class does not `extend`: add the attribute.
* If a class does `extend`:
- If it extends `stdClass`: no action needed (as `stdClass` supports dynamic properties).
- If it extends a PHP native class: add the attribute.
- If it extends a class from one of WP's external dependencies: add the attribute.
* In all other cases: no action — the attribute should not be needed as child classes inherit from the parent.
Whether or not a class contains magic methods has not been taken into account, as a review of the currently existing magic methods has shown that those are generally not sturdy enough and often even set dynamic properties (which they should not). See the [https://www.youtube.com/watch?v=vDZWepDQQVE live stream from August 16, 2022] for more details.
This commit only affects classes in the `src` directory of WordPress core.
* Tests should not get this attribute, but should be fixed to not use dynamic properties instead. Patches for this are already being committed under ticket #56033.
* While a number bundled themes (2014, 2019, 2020, 2021) contain classes, they are not a part of this commit and may be updated separately.
Reference: [https://wiki.php.net/rfc/deprecate_dynamic_properties PHP RFC: Deprecate dynamic properties].
Follow-up to [53922].
Props jrf, hellofromTonya, markjaquith, peterwilsoncc, costdev, knutsp, aristath.
See #56513, #56034.
Built from https://develop.svn.wordpress.org/trunk@54133
git-svn-id: http://core.svn.wordpress.org/trunk@53692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
From [https://mariadb.com/kb/en/mariadb-1061-release-notes/ MariaDB 10.6.1 release notes]:
> The `utf8` [https://mariadb.com/kb/en/character-sets/ character set] (and related collations) is now by default an alias for `utf8mb3` rather than the other way around. It can be set to imply `utf8mb4` by changing the value of the [https://mariadb.com/kb/en/server-system-variables/#old_mode old_mode] system variable ([https://jira.mariadb.org/browse/MDEV-8334 MDEV-8334]).
From [https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-30.html#mysqld-8-0-30-charset MySQL 8.0.30 release notes]:
> **Important Change:** A previous change renamed character sets having deprecated names prefixed with `utf8_` to use `utf8mb3_` instead. In this release, we rename the `utf8_` collations as well, using the `utf8mb3_` prefix; this is to make the collation names consistent with those of the character sets, not to rely any longer on the deprecated collation names, and to clarify the distinction between `utf8mb3` and `utf8mb4`. The names using the `utf8mb3_` prefix are now used exclusively for these collations in the output of `SHOW` statements such as `SHOW CREATE TABLE`, as well as in the values displayed in the columns of Information Schema tables including the `COLLATIONS` and `COLUMNS` tables.
This commit adds `utf8mb3_bin` and `utf8mb3_general_ci` to the list of safe collations recognized by `wpdb::check_safe_collation()`. The full list is now as follows:
* `utf8_bin`
* `utf8_general_ci`
* `utf8mb3_bin`
* `utf8mb3_general_ci`
* `utf8mb4_bin`
* `utf8mb4_general_ci`
The change is covered by existing database charset unit tests: six tests which previously failed on MariaDB 10.6.1+ or MySQL 8.0.30+ now pass.
Includes:
* Adjusting the expected test results based on MariaDB and MySQL version.
* Using named data providers for the affected tests to make test output more descriptive.
* Adding a failure message to each assertion when multiple assertions are used in the test.
References:
* [https://mariadb.com/kb/en/mariadb-1061-release-notes/ MariaDB 10.6.1 release notes]
* [https://jira.mariadb.org/browse/MDEV-8334 MDEV-8334 Rename utf8 to utf8mb3]
* [https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-30.html#mysqld-8-0-30-charset MySQL 8.0.30 release notes]
* [https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-utf8mb3.html The utf8mb3 Character Set (3-Byte UTF-8 Unicode Encoding)]
Follow-up to [30345], [32162], [37320].
Props skithund, ayeshrajans, JavierCasares, SergeyBiryukov.
Fixes#53623.
Built from https://develop.svn.wordpress.org/trunk@53918
git-svn-id: http://core.svn.wordpress.org/trunk@53477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This renames the file containing the `wpdb` class to conform to the coding standards.
This commit also includes:
* A new `wp-db.php` that loads the new file, for anyone that may have been including the file directly.
* Replacing references to the old filename with the new filename.
Fixes#56268. See #55647.
Built from https://develop.svn.wordpress.org/trunk@53749
git-svn-id: http://core.svn.wordpress.org/trunk@53308 1a063a9b-81f0-0310-95a4-ce76da25c4cd