Dion Hulse
94278eddb6
WPDB: Check that `AUTH_SALT` is not empty, Fix a PHP notice when `AUTH_SALT` is undefined.
...
Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 3.7 branch.
Fixes #42431 and #42401 for 3.7.
Built from https://develop.svn.wordpress.org/branches/3.7@42241
git-svn-id: http://core.svn.wordpress.org/branches/3.7@42070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-27 01:15:10 +00:00
Gary Pendergast
083e886cf7
Database: Restore numbered placeholders in `wpdb::prepare()`.
...
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
Merges [41662], [42056] to the 3.7 branch.
See #41925 .
Built from https://develop.svn.wordpress.org/branches/3.7@42068
git-svn-id: http://core.svn.wordpress.org/branches/3.7@41897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-31 13:02:10 +00:00
Aaron Campbell
7b03bfc16f
Database: Hardening to bring `wpdb::prepare()` inline with documentation.
...
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.
Merges [41496] to 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@41508
git-svn-id: http://core.svn.wordpress.org/branches/3.7@41341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 18:46:09 +00:00
Aaron Campbell
0a541104e3
Database: Don’t trigger `_doing_it_wrong()` for null values in `wpdb::prepare()`.
...
While `wpdb::prepare()` does not support null values (see #12819 ) they still appear in the wild like in the WordPress Importer and other plugins.
Merges [41483] to 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@41495
git-svn-id: http://core.svn.wordpress.org/branches/3.7@41328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 16:30:22 +00:00
Aaron Campbell
029d279155
Database: Hardening for `wpdb::prepare()`
...
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.
Merges [41470] to 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@41482
git-svn-id: http://core.svn.wordpress.org/branches/3.7@41315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 15:06:09 +00:00
Gary Pendergast
d56d0b0e2c
WPDB: `get_table_from_query()` didn't find table names with hyphens in them.
...
Merge of [33718] to the 3.8 branch.
Props dustinbolton, pento.
See #33470 .
Built from https://develop.svn.wordpress.org/branches/3.7@33997
git-svn-id: http://core.svn.wordpress.org/branches/3.7@33966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 07:20:08 +00:00
John Blackbourn
a8bf70c382
WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
...
Merge of [32368] to the 3.7 branch.
Props pento, willstedt for the initial patch.
See #32090 .
Built from https://develop.svn.wordpress.org/branches/3.7@32416
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:14:10 +00:00
Dominik Schilling
8cb1387688
WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
...
Merges [32374] to the 3.7 branch.
props pento.
fixes #32104 .
Built from https://develop.svn.wordpress.org/branches/3.7@32407
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:08:09 +00:00
Helen Hou-Sandí
0697563967
The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
...
Merges [32375] to the 3.7 branch.
props pento.
fixes #32204 .
Built from https://develop.svn.wordpress.org/branches/3.7@32400
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:44:19 +00:00
Michael Adams
18fcca2916
WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
...
Merge of [32364] to the 3.7 branch.
Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.
See #32165 .
Built from https://develop.svn.wordpress.org/branches/3.7@32391
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:17:09 +00:00
Michael Adams
cd63ed5102
3.7:
...
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.
Built from https://develop.svn.wordpress.org/branches/3.7@32318
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 18:35:09 +00:00
Gary Pendergast
2e7a66f15f
WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
...
Merge of [32261] to the 3.7 branch.
See #32051 .
Built from https://develop.svn.wordpress.org/branches/3.7@32275
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:56:10 +00:00
Gary Pendergast
8490921af3
WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 3.7 branch.
...
See #32029 .
Built from https://develop.svn.wordpress.org/branches/3.7@32241
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 07:06:10 +00:00
Gary Pendergast
5236e251a3
Merge the query sanity checks from #21212 to the 3.7 branch.
...
Props pento, nacin, mdawaffe, DrewAPicture.
Built from https://develop.svn.wordpress.org/branches/3.7@32188
git-svn-id: http://core.svn.wordpress.org/branches/3.7@32161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:52:10 +00:00
Andrew Nacin
20b0153753
Document the 'query' filter in wp-db.
...
props natejacobs.
see #25229 .
Built from https://develop.svn.wordpress.org/trunk@25284
git-svn-id: http://core.svn.wordpress.org/trunk@25248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-06 17:07:09 +00:00
Andrew Nacin
f39e2c28ce
Reset $wpdb->insert_id on a failed INSERT or REPLACE. See [24459] [24494].
...
git-svn-id: http://core.svn.wordpress.org/trunk@24872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:14:05 +00:00
Andrew Nacin
eb822723ae
Check that we have a database connection in wpdb::_real_escape(). see #24773 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-20 20:16:21 +00:00
Andrew Nacin
0cb7fbacc8
Ensure _deprecated_function() exists before calling it. wpdb currently does not have a full functions.php dependency, and this can break external inclusions. see #24774 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-17 21:08:05 +00:00
Andrew Nacin
3b4f3dea29
Deprecate wpdb::escape() in favor of wpdb::prepare() and esc_sql(). fixes #24774 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-16 17:44:42 +00:00
Andrew Nacin
dffd2b1bd9
Always use mysql_real_escape_string(), even when DB_CHARSET is not properly set. fixes #24773 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-16 14:07:53 +00:00
Andrew Nacin
2ac8311b74
Partially revert [24459] and only flush insert_id on the next insert or replace query, as we had been doing before. (Yes, this is not how mysql_insert_id() works.)
...
git-svn-id: http://core.svn.wordpress.org/trunk@24494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 18:22:26 +00:00
Andrew Nacin
9f10b33324
Have wpdb::flush() reset more variables.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 01:32:54 +00:00
Sergey Biryukov
e65c4190f1
Remove extraneous function parameters in the wpdb class. props rlerdorf. see #24210 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-29 00:31:56 +00:00
Sergey Biryukov
2bcf4b8802
Only show database errors if WP_DEBUG_DISPLAY is enabled. props cheeserolls, storkontheroof, crazycoders. fixes #22203 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-18 09:51:02 +00:00
Andrew Nacin
e588812a49
Enforce a minimum of two arguments for wpdb::prepare(). The first argument is the query (or fragment thereof), which is required. Additional arguments are values to substitute into placeholders.
...
This will generate E_WARNINGs for insufficient arguments when prepare() is called with no additional arguments. This should discourage improper uses of prepare() under the guise of safely running a query.
props xknown. fixes #22262 .
git-svn-id: http://core.svn.wordpress.org/trunk@22429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 19:30:59 +00:00
Andrew Nacin
d85554c5f1
When replacing floats in wpdb::prepare(), avoid escaped placeholders (%%f). props SergeyBiryukov. fixes #19861 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-25 20:52:50 +00:00
Ryan Boren
8ae2c51069
Correct phpdoc for wpdb::bail(). wp_die() is issued when show_errors is true, not false. Props SergeyBiryukov. fixes #22211
...
git-svn-id: http://core.svn.wordpress.org/trunk@22254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-17 13:11:45 +00:00
Ryan Boren
77518e9c71
Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
...
git-svn-id: http://core.svn.wordpress.org/trunk@22118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 20:00:16 +00:00
Andrew Nacin
1508b46bb4
Call error_log() in wp-db without unnecessary conditionals. fixes #21103 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 01:35:43 +00:00
Andrew Nacin
e225c12704
Basic support for the mysql_connect() new_link and client_flags arguments. props Otto42, fixes #19324 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-24 17:44:21 +00:00
Ryan Boren
7342291b01
Update @since for various wpdb properties. Props SergeyBiryukov. fixes #21582
...
git-svn-id: http://core.svn.wordpress.org/trunk@21521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-15 15:32:35 +00:00
Andrew Nacin
2b21b814a1
@since for wpdb's result property. props SergeyBiryukov. see #21533 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 20:34:12 +00:00
Andrew Nacin
f965d758fc
Add magic set, isset, and unset to wpdb. props pento.
...
These magic methods allow us to mark properties as protected or private, without breaking compatibility, as they were once accessible. The joys of PHP4.
fixes #18510 .
git-svn-id: http://core.svn.wordpress.org/trunk@21512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 20:26:04 +00:00
Andrew Nacin
c11a4c09e8
Eliminate error suppression for mysql_free_result() and only call it when the result is actually a resource. Depending on the query, mysql_query() can return a boolean rather than a resource, hence the original use of error suppression.
...
Fixes a warning introduced in [21472] when calling mysql_free_result() was moved to flush().
fixes #20838 .
git-svn-id: http://core.svn.wordpress.org/trunk@21511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 20:21:10 +00:00
nacin
f02bacd9f1
Declare, document, and protect $dbuser, $dbpassword, $dbname, $dbhost and $dbh in wpdb.
...
These properties, while protected, are still accessible thanks to the magic getter added in [21472].
props pento, nvartolomei, joelhardi. fixes #18510 .
git-svn-id: http://core.svn.wordpress.org/trunk@21473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-08 06:28:57 +00:00
nacin
1425762319
Lazy-load column info in wpdb. props pento. fixes #20838 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-08 06:24:59 +00:00
nacin
4e5fd4de46
Introduce wpdb::get_charset_collate() to return the DEFAULT CHARACTER SET and COLLATE for use in table schemas.
...
props simonwheatley, pento. fixes #18451 .
git-svn-id: http://core.svn.wordpress.org/trunk@21471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-08 06:13:48 +00:00
nacin
73c74cf8f7
Deprecate wpdb::supports_collation() in favor of wpdb::has_cap().
...
props hakre, pento. fixes #16757 .
git-svn-id: http://core.svn.wordpress.org/trunk@21470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-08 06:06:57 +00:00
nacin
3e8fe0e2e0
Correctly identify queries where a line break follows a keyword, rather than a space. props GeertDD, fixes #19467 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-29 15:08:17 +00:00
nacin
9810e75d46
Handle localized floats in $wpdb->prepare(). props kurtpayne. fixes #19861 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-28 19:57:31 +00:00
nacin
9501ff721d
Escape special characters when outputting DB failures. see #13839 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-16 21:55:47 +00:00
duck_
a280584422
Correct @since and remove invalid code example in wpdb::delete() documentation. Props GaryJ, scribu. See #18948 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-27 12:00:39 +00:00
nacin
0730535015
Introduce $wpdb->delete(). props justindgivens, scribu. fixes #18948 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 15:24:31 +00:00
westi
cff0e266a4
Refactor WPDB::get_caller() into wp_debug_backtrace_summary() and improve the functionality to provide enhanced context and a standardised default pretty format. Fixes #19589
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-28 11:56:50 +00:00
nacin
81ed9a7563
Introduce wp_load_translations_early(), which can be used before the locale is properly loaded in order to translate early error strings. Internationalize setup-config.php -- translators no longer have a reason to modify this file. fixes #18180 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-26 20:34:27 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
duck_
a95ad847db
Stop quotes being incorrectly added to prepare placeholders in wpdb::_insert_replace_helper(). Fixes #19016 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 21:29:57 +00:00
nacin
6424c5b733
Ask for a float from microtime() for timer_start(), timer_stop(). Clarify docs. props solarissmoke, fixes #19157 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 21:36:53 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
nacin
e39245936f
Remove reference to get_last_error(), it doesn't exist. props mitchoyoshitaka, fixes #19002 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-15 00:18:41 +00:00