WordPress.org
Get WordPress

Make WordPress Core

Opened 20 years ago

Closed 20 years ago

Last modified 16 years ago

#910 closed defect (bug) (fixed)

Wordpress allows dots in prefix

Reported by: anonymousbugger's profile anonymousbugger Owned by: markjaquith's profile markjaquith
Milestone: 2.0.6 Priority: normal
Severity: minor Version: 1.5
Component: General Keywords: bg|2nd-opinion bg|dev-feedback bg|needs-patch
Focuses: Cc:

Description

I accidently tried a prefix like wp1.5_ and MySQL showed me a lot of errors in the second step of installation. Wordpress should not allow using characters which MySQL doesn't like.

MySQL v 4.0.23_Debian-6-log on Linux

Change History (11)

#1 @anonymousbugger
20 years ago

  • Patch set to No

#2 @markjaquith
20 years ago

  • Keywords bg|2nd-opinion bg|dev-feedback added
  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

What is a valid table name? a-z, 0-9, _ and - right? Something like this could work in install.php somewhere. Thoughts?

<?php
make sure the $table_prefix is valid
if ( !preg_match('/[a-z0-9_\-]+$/i', $table_prefix))

die (('The table prefix you chose contains invalid characters. Please edit wp-config.php and ensure that the table prefix only contains letters, numbers, underscores, and dashes.'));

?>

#3 @skippy
20 years ago

Dashes are not permitted without backticks.

<?php
// make sure the $table_prefix is valid
if ( ( !preg_match('/^`[a-z0-9_\-]+`$/i', $table_prefix)) || 
 ( !preg_match('/^[a-z0-9_]+$/i', $table_prefix)) )

    die ('The table prefix you chose contains invalid characters. Please edit wp-config.php and ensure that the table prefix only contains letters, numbers, and underscores.');

?>

Note that explaining the requirement for backticks sufficiently complicates the explanatory note, so I dropped dashes from that. Folks who know can use dashes in backticks, and everyone can use underscores.

#4 @markjaquith
20 years ago

Don't forget i18n. And you shouldn't be using
because that will always be true 
<?php
// make sure the $table_prefix is valid
if ( ( !preg_match('/^`[a-z0-9_\-]+`$/i', $table_prefix)) && 
 ( !preg_match('/^[a-z0-9_]+$/i', $table_prefix)) )

    die (__('The table prefix you chose contains invalid characters. Please edit wp-config.php and ensure that the table prefix only contains letters, numbers, and underscores.'));

?>

#5 @markjaquith
20 years ago

That should read: "shouldn't be using 'OR' (double pipes)"

#6 @markjaquith
20 years ago

Oh... wait a tick (pun intended)... backticks have to be around the entire table name. This is just the prefix. Dashes are out, altogether without more changes in WP code.

<?php
// make sure the $table_prefix is valid
if ( !preg_match('/^[a-z0-9_]+$/i', $table_prefix) )
    die (__('The table prefix you chose contains invalid characters. Please edit wp-config.php and ensure that the table prefix only contains letters, numbers, and underscores.'));

?>

#7 @skippy
20 years ago

I agree -- alphanumeric plus underscores.

#8 @markjaquith
20 years ago

  • Keywords bg|needs-patch added
  • Milestone set to 1.6

Gotta make a patch for this.

#9 @matt
20 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [2745]) Note character restrictions, fixes #910

#10 @(none)
19 years ago

  • Milestone 2.0 deleted

Milestone 2.0 deleted

#11 @Denis-de-Bernardy
16 years ago

  • Milestone changed from Unassigned to 2.0.6
Note: See TracTickets for help on using tickets.