Ticket #10041: miqro-10041.4.patch
File miqro-10041.4.patch, 29.6 KB (added by , 11 years ago) |
src/wp-admin/includes/class-wp-ms-sites-list-table.php
38 38 $s = trim($s, '*'); 39 39 } 40 40 41 $like_s = esc_sql( like_escape( $s ) );42 43 41 // If the network is large and a search is not being performed, show only the latest blogs with no paging in order 44 42 // to avoid expensive count queries. 45 43 if ( !$s && wp_is_large_network() ) { … … 58 56 preg_match( '/^[0-9]{1,3}\.[0-9]{1,3}\.?$/', $s ) || 59 57 preg_match( '/^[0-9]{1,3}\.$/', $s ) ) { 60 58 // IPv4 address 61 $reg_blog_ids = $wpdb->get_col( "SELECT blog_id FROM {$wpdb->registration_log} WHERE {$wpdb->registration_log}.IP LIKE ( '{$like_s}$wild' )" ); 59 $sql = $wpdb->prepare( "SELECT blog_id FROM {$wpdb->registration_log} WHERE {$wpdb->registration_log}.IP LIKE %s", $wpdb->esc_like( $s ) . $wild ); 60 $reg_blog_ids = $wpdb->get_col( $sql ); 62 61 63 62 if ( !$reg_blog_ids ) 64 63 $reg_blog_ids = array( 0 ); … … 69 68 AND {$wpdb->blogs}.blog_id IN (" . implode( ', ', $reg_blog_ids ) . ")"; 70 69 } else { 71 70 if ( is_numeric($s) && empty( $wild ) ) { 72 $query .= " AND ( {$wpdb->blogs}.blog_id = '{$like_s}' )";71 $query .= $wpdb->prepare( " AND ( {$wpdb->blogs}.blog_id = %s )", $s ); 73 72 } elseif ( is_subdomain_install() ) { 74 $blog_s = str_replace( '.' . $current_site->domain, '', $ like_s );75 $blog_s .= $wild . '.' . $current_site->domain;76 $query .= " AND ( {$wpdb->blogs}.domain LIKE '$blog_s' ) ";73 $blog_s = str_replace( '.' . $current_site->domain, '', $s ); 74 $blog_s = $wpdb->esc_like( $blog_s ) . $wild . $wpdb->esc_like( '.' . $current_site->domain ); 75 $query .= $wpdb->prepare( " AND ( {$wpdb->blogs}.domain LIKE %s ) ", $blog_s ); 77 76 } else { 78 if ( $like_s != trim('/', $current_site->path) ) 79 $blog_s = $current_site->path . $like_s . $wild . '/'; 80 else 81 $blog_s = $like_s; 82 $query .= " AND ( {$wpdb->blogs}.path LIKE '$blog_s' )"; 77 if ( $s != trim('/', $current_site->path) ) { 78 $blog_s = $wpdb->esc_like( $current_site->path . $s ) . $wild . 
$wpdb->esc_like( '/' ); 79 } else { 80 $blog_s = $wpdb->esc_like( $s ); 81 } 82 $query .= $wpdb->prepare( " AND ( {$wpdb->blogs}.path LIKE %s )", $blog_s ); 83 83 } 84 84 } 85 85 -
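Review bot: The argument order of `trim('/', $current_site->path)` on new line 77 is reversed — PHP's trim() takes the subject string first, so this strips characters of the site path from the literal '/' and the comparison with `$s` cannot do what the branch intends; it should read `if ( $s != trim( $current_site->path, '/' ) ) {`. The mistake is carried over from the removed line, so the commit does not address it. The enclosing method starts and ends outside the hunk, and `$wild` is assigned outside it as well.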
src/wp-admin/includes/schema.php
553 553 // The multi-table delete syntax is used to delete the transient record from table a, 554 554 // and the corresponding transient_timeout record from table b. 555 555 $time = time(); 556 $wpdb->query("DELETE a, b FROM $wpdb->options a, $wpdb->options b WHERE 557 a.option_name LIKE '\_transient\_%' AND 558 a.option_name NOT LIKE '\_transient\_timeout\_%' AND 559 b.option_name = CONCAT( '_transient_timeout_', SUBSTRING( a.option_name, 12 ) ) 560 AND b.option_value < $time"); 556 $sql = "DELETE a, b FROM $wpdb->options a, $wpdb->options b 557 WHERE a.option_name LIKE %s 558 AND a.option_name NOT LIKE %s 559 AND b.option_name = CONCAT( '_transient_timeout_', SUBSTRING( a.option_name, 12 ) ) 560 AND b.option_value < %d"; 561 $wpdb->query( $wpdb->prepare( $sql, $wpdb->esc_like( '_transient_' ) . '%', $wpdb->esc_like( '_transient_timeout_' ) . '%', $time ) ); 561 562 562 563 if ( is_main_site() && is_main_network() ) { 563 $wpdb->query("DELETE a, b FROM $wpdb->options a, $wpdb->options b WHERE 564 a.option_name LIKE '\_site\_transient\_%' AND 565 a.option_name NOT LIKE '\_site\_transient\_timeout\_%' AND 566 b.option_name = CONCAT( '_site_transient_timeout_', SUBSTRING( a.option_name, 17 ) ) 567 AND b.option_value < $time"); 568 } 564 $sql = "DELETE a, b FROM $wpdb->options a, $wpdb->options b 565 WHERE a.option_name LIKE %s 566 AND a.option_name NOT LIKE %s 567 AND b.option_name = CONCAT( '_site_transient_timeout_', SUBSTRING( a.option_name, 17 ) ) 568 AND b.option_value < %d"; 569 $wpdb->query( $wpdb->prepare( $sql, $wpdb->esc_like( '_site_transient_' ) . '%', $wpdb->esc_like( '_site_transient_timeout_' ) . '%', $time ) ); 570 } 569 571 } 570 572 571 573 /** -
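Review bot: The two transient-purge statements on new lines 556-561 and 564-569 differ only in the key prefix and the SUBSTRING offset, and the same statement appears a third time against `$wpdb->sitemeta` in the upgrade.php hunk; a small helper taking the table and prefix would keep the three LIKE / NOT LIKE / `%d` argument lists from drifting apart. A one-line comment such as `// esc_like() escapes the leading underscore so LIKE does not read it as a single-character wildcard` would explain why a literal prefix is passed through esc_like at all. The enclosing function starts and ends outside the hunk.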
src/wp-admin/includes/template.php
599 599 * 600 600 * @param int $limit Number of custom fields to retrieve. Default 30. 601 601 */ 602 $limit = (int) apply_filters( 'postmeta_form_limit', 30 ); 603 $keys = $wpdb->get_col( " 604 SELECT meta_key 602 $limit = apply_filters( 'postmeta_form_limit', 30 ); 603 $sql = "SELECT meta_key 605 604 FROM $wpdb->postmeta 606 605 GROUP BY meta_key 607 HAVING meta_key NOT LIKE '\_%'606 HAVING meta_key NOT LIKE %s 608 607 ORDER BY meta_key 609 LIMIT $limit" ); 608 LIMIT %d"; 609 $keys = $wpdb->get_col( $wpdb->prepare( $sql, $wpdb->esc_like( '_' ) . '%', $limit ) ); 610 610 if ( $keys ) { 611 611 natcasesort( $keys ); 612 612 $meta_key_input_id = 'metakeyselect'; -
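Review bot: Dropping the `(int)` cast on new line 602 leaves `$limit` untyped until `%d` coerces it inside prepare(); since the docblock on line 600 promises an int, keeping `$limit = (int) apply_filters( 'postmeta_form_limit', 30 );` costs nothing and keeps the documented contract visible at the assignment rather than relying on the placeholder. The enclosing function starts before the hunk, so whether `$limit` is used again below cannot be seen here.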
src/wp-admin/includes/upgrade.php
465 465 } 466 466 } 467 467 468 $wpdb->query("UPDATE $wpdb->options SET option_value = REPLACE(option_value, 'wp-links/links-images/', 'wp-images/links/') 469 WHERE option_name LIKE 'links_rating_image%' 470 AND option_value LIKE 'wp-links/links-images/%'"); 468 $sql = "UPDATE $wpdb->options 469 SET option_value = REPLACE(option_value, 'wp-links/links-images/', 'wp-images/links/') 470 WHERE option_name LIKE %s 471 AND option_value LIKE %s"; 472 $wpdb->query( $wpdb->prepare( $sql, $wpdb->esc_like( 'links_rating_image' ) . '%', $wpdb->esc_like( 'wp-links/links-images/' ) . '%' ) ); 471 473 472 474 $done_ids = $wpdb->get_results("SELECT DISTINCT post_id FROM $wpdb->post2cat"); 473 475 if ($done_ids) : … … 1100 1102 1101 1103 // 3.0 screen options key name changes. 1102 1104 if ( is_main_site() && !defined('DO_NOT_UPGRADE_GLOBAL_TABLES') ) { 1103 $prefix = like_escape($wpdb->base_prefix); 1104 $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key LIKE '{$prefix}%meta-box-hidden%' OR meta_key LIKE '{$prefix}%closedpostboxes%' OR meta_key LIKE '{$prefix}%manage-%-columns-hidden%' OR meta_key LIKE '{$prefix}%meta-box-order%' OR meta_key LIKE '{$prefix}%metaboxorder%' OR meta_key LIKE '{$prefix}%screen_layout%' 1105 OR meta_key = 'manageedittagscolumnshidden' OR meta_key='managecategoriescolumnshidden' OR meta_key = 'manageedit-tagscolumnshidden' OR meta_key = 'manageeditcolumnshidden' OR meta_key = 'categories_per_page' OR meta_key = 'edit_tags_per_page'" ); 1105 $sql = "DELETE FROM $wpdb->usermeta 1106 WHERE meta_key LIKE %s 1107 OR meta_key LIKE %s 1108 OR meta_key LIKE %s 1109 OR meta_key LIKE %s 1110 OR meta_key LIKE %s 1111 OR meta_key LIKE %s 1112 OR meta_key = 'manageedittagscolumnshidden' 1113 OR meta_key = 'managecategoriescolumnshidden' 1114 OR meta_key = 'manageedit-tagscolumnshidden' 1115 OR meta_key = 'manageeditcolumnshidden' 1116 OR meta_key = 'categories_per_page' 1117 OR meta_key = 'edit_tags_per_page'"; 1118 $prefix = esc_like( $wpdb->base_prefix ); 
1119 $wpdb->query( $wpdb->prepare( $sql, 1120 $prefix . '%' . $wpdb->esc_like( 'meta-box-hidden' ) . '%', 1121 $prefix . '%' . $wpdb->esc_like( 'closedpostboxes' ) . '%', 1122 $prefix . '%' . $wpdb->esc_like( 'manage-' ) . '%' . $wpdb->esc_like( '-columns-hidden' ) . '%', 1123 $prefix . '%' . $wpdb->esc_like( 'meta-box-order' ) . '%', 1124 $prefix . '%' . $wpdb->esc_like( 'metaboxorder' ) . '%', 1125 $prefix . '%' . $wpdb->esc_like( 'screen_layout' ) . '%' 1126 ) ); 1106 1127 } 1107 1128 1108 1129 } … … 1284 1305 // The multi-table delete syntax is used to delete the transient record from table a, 1285 1306 // and the corresponding transient_timeout record from table b. 1286 1307 $time = time(); 1287 $wpdb->query("DELETE a, b FROM $wpdb->sitemeta a, $wpdb->sitemeta b WHERE 1288 a.meta_key LIKE '\_site\_transient\_%' AND 1289 a.meta_key NOT LIKE '\_site\_transient\_timeout\_%' AND 1290 b.meta_key = CONCAT( '_site_transient_timeout_', SUBSTRING( a.meta_key, 17 ) ) 1291 AND b.meta_value < $time"); 1308 $sql = "DELETE a, b FROM $wpdb->sitemeta a, $wpdb->sitemeta b 1309 WHERE a.meta_key LIKE %s 1310 AND a.meta_key NOT LIKE %s 1311 AND b.meta_key = CONCAT( '_site_transient_timeout_', SUBSTRING( a.meta_key, 17 ) ) 1312 AND b.meta_value < %d"; 1313 $wpdb->query( $wpdb->prepare( $sql, $wpdb->esc_like( '_site_transient_' ) . '%', $wpdb->esc_like ( '_site_transient_timeout_' ) . '%', $time ) ); 1292 1314 } 1293 1315 1294 1316 // 2.8 … … 1382 1404 */ 1383 1405 function maybe_create_table($table_name, $create_ddl) { 1384 1406 global $wpdb; 1385 if ( $wpdb->get_var("SHOW TABLES LIKE '$table_name'") == $table_name ) 1407 1408 $query = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $table_name ) ); 1409 1410 if ( $wpdb->get_var( $query ) == $table_name ) { 1386 1411 return true; 1412 } 1387 1413 //didn't find it try to create it. 1388 1414 $wpdb->query($create_ddl); 1389 1415 // we cannot directly tell that whether this succeeded! 
1390 if ( $wpdb->get_var( "SHOW TABLES LIKE '$table_name'") == $table_name )1416 if ( $wpdb->get_var( $query ) == $table_name ) { 1391 1417 return true; 1418 } 1392 1419 return false; 1393 1420 } 1394 1421 -
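Review bot: New line 1118 calls a global `esc_like()`, which this patch does not define — it adds `wpdb::esc_like()` as a method and only deprecates the global `like_escape()` — so this branch of the upgrade routine would fatal when it runs; it should be `$prefix = $wpdb->esc_like( $wpdb->base_prefix );`. Separately, new line 1313 has a stray space in `$wpdb->esc_like ( '_site_transient_timeout_' )`. In maybe_create_table() the reuse of `$query` for both SHOW TABLES checks is sound, though `== $table_name` could be `===` since get_var() returns a string or null. The first two hunks belong to functions whose boundaries are outside the hunk.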
src/wp-admin/install.php
74 74 */ 75 75 function display_setup_form( $error = null ) { 76 76 global $wpdb; 77 $user_table = ( $wpdb->get_var("SHOW TABLES LIKE '$wpdb->users'") != null );78 77 78 $sql = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $wpdb->users ) ); 79 $user_table = ( $wpdb->get_var( $sql ) != null ); 80 79 81 // Ensure that Blogs appear in search engines by default 80 82 $blog_public = 1; 81 83 if ( ! empty( $_POST ) ) -
src/wp-admin/maint/repair.php
36 36 $tables = $wpdb->tables(); 37 37 38 38 // Sitecategories may not exist if global terms are disabled. 39 if ( is_multisite() && ! $wpdb->get_var( "SHOW TABLES LIKE '$wpdb->sitecategories'" ) ) 39 $query = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $wpdb->sitecategories ) ); 40 if ( is_multisite() && ! $wpdb->get_var( $query ) ) { 40 41 unset( $tables['sitecategories'] ); 42 } 41 43 42 44 /** 43 45 * Filter additional database tables to repair. -
src/wp-admin/network.php
39 39 */ 40 40 function network_domain_check() { 41 41 global $wpdb; 42 if ( $wpdb->get_var( "SHOW TABLES LIKE '$wpdb->site'" ) ) 42 43 $sql = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $wpdb->site ) ); 44 if ( $wpdb->get_var( $sql ) ) { 43 45 return $wpdb->get_var( "SELECT domain FROM $wpdb->site ORDER BY id ASC LIMIT 1" ); 46 } 44 47 return false; 45 48 } 46 49 -
src/wp-admin/network/site-settings.php
113 113 <table class="form-table"> 114 114 <?php 115 115 $blog_prefix = $wpdb->get_blog_prefix( $id ); 116 $options = $wpdb->get_results( "SELECT * FROM {$blog_prefix}options WHERE option_name NOT LIKE '\_%' AND option_name NOT LIKE '%user_roles'" ); 116 $sql = "SELECT * FROM {$blog_prefix}options 117 WHERE option_name NOT LIKE %s 118 AND option_name NOT LIKE %s"; 119 $query = $wpdb->prepare( $sql, 120 $wpdb->esc_like( '_' ) . '%', 121 '%' . $wpdb->esc_like( 'user_roles' ) 122 ); 123 $options = $wpdb->get_results( $query ); 117 124 foreach ( $options as $option ) { 118 125 if ( $option->option_name == 'default_role' ) 119 126 $editblog_default_role = $option->option_value; -
src/wp-includes/bookmark.php
203 203 } 204 204 205 205 if ( ! empty($search) ) { 206 $ search = esc_sql( like_escape( $search ) );207 $search = " AND ( (link_url LIKE '%$search%') OR (link_name LIKE '%$search%') OR (link_description LIKE '%$search%') ) ";206 $like = '%' . $wpdb->esc_like( $search ) . '%'; 207 $search = $wpdb->prepare(" AND ( (link_url LIKE %s) OR (link_name LIKE %s) OR (link_description LIKE %s) ) ", $like, $like, $like ); 208 208 } 209 209 210 210 $category_query = ''; -
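Review bot: New line 206 uses `$wpdb->esc_like()` and `$wpdb->prepare()` inside a function whose opening is outside the hunk, so it is worth confirming that `global $wpdb;` is declared there — the comment.php and user.php hunks in this same patch had to add it. If it is present, the change is sound: the three `%s` placeholders now receive one pre-escaped `$like` value instead of the search term being interpolated into the string.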
src/wp-includes/canonical.php
500 500 global $wpdb, $wp_rewrite; 501 501 502 502 if ( get_query_var('name') ) { 503 $where = $wpdb->prepare("post_name LIKE %s", like_escape( get_query_var('name') ) . '%');503 $where = $wpdb->prepare("post_name LIKE %s", $wpdb->esc_like( get_query_var('name') ) . '%'); 504 504 505 505 // if any of post_type, year, monthnum, or day are set, use them to refine the query 506 506 if ( get_query_var('post_type') ) -
src/wp-includes/class-wp-xmlrpc-server.php
5742 5742 } elseif ( is_string($urltest['fragment']) ) { 5743 5743 // ...or a string #title, a little more complicated 5744 5744 $title = preg_replace('/[^a-z0-9]/i', '.', $urltest['fragment']); 5745 $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", like_escape( $title ));5745 $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title ); 5746 5746 if (! ($post_ID = $wpdb->get_var($sql)) ) { 5747 5747 // returning unknown error '0' is better than die()ing 5748 5748 return $this->pingback_error( 0, '' ); -
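Review bot: Dropping `like_escape()` on new line 5745 is correct because RLIKE takes a regular expression, not a LIKE pattern, but nothing at the call site says why the value is safe to pass through; a comment such as `// RLIKE is a regex: the preg_replace above reduced $title to [a-z0-9.], so no metacharacter other than '.' survives` would keep a future reader from re-adding LIKE escaping. The enclosing method continues outside the hunk.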
src/wp-includes/comment.php
450 450 * @return string 451 451 */ 452 452 function get_search_sql( $string, $cols ) { 453 $string = esc_sql( like_escape( $string ) );453 global $wpdb; 454 454 455 455 $searches = array(); 456 456 foreach ( $cols as $col ) 457 $searches[] = "$col LIKE '%$string%'";457 $searches[] = $wpdb->prepare( "$col LIKE %s", $wpdb->esc_like( $string ) ); 458 458 459 459 return ' AND (' . implode(' OR ', $searches) . ')'; 460 460 } -
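Review bot: New line 457 drops the `%` wildcards that the removed line wrapped around the term, so get_search_sql() now performs an exact match instead of a substring search; it should read `$searches[] = $wpdb->prepare( "$col LIKE %s", '%' . $wpdb->esc_like( $string ) . '%' );`. The user.php hunk in this patch keeps its wildcards, so the two same-named helpers would otherwise diverge in behaviour. `$col` is still interpolated directly, as before; a docblock line stating that `$cols` is an internal column list and must not come from user input would make that contract explicit.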
src/wp-includes/deprecated.php
3438 3438 _deprecated_function( __FUNCTION__, '3.9' ); 3439 3439 return $content; 3440 3440 } 3441 3442 /** 3443 * Formerly used to escape strings before searching the DB. It was poorly documented and never worked as described. 3444 * 3445 * @since 2.5.0 3446 * @deprecated 4.0.0 3447 * @deprecated Use wpdb::esc_like() 3448 * 3449 * @param string $text The text to be escaped. 3450 * @return string text, safe for inclusion in LIKE query. 3451 */ 3452 function like_escape($text) { 3453 _deprecated_function( __FUNCTION__, '4.0', 'wpdb::esc_like()' ); 3454 return str_replace(array("%", "_"), array("\\%", "\\_"), $text); 3455 } -
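Review bot: The docblock on new lines 3446-3447 carries two `@deprecated` tags; a single tag with version and replacement, `@deprecated 4.0.0 Use wpdb::esc_like()`, is the usual form. The shim deliberately keeps the old str_replace behaviour, which does not escape backslashes, so a comment noting that callers still on like_escape() do not get the backslash handling of wpdb::esc_like() would make the remaining gap explicit to anyone grepping for it.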
src/wp-includes/formatting.php
3089 3089 } 3090 3090 3091 3091 /** 3092 * Escapes text for SQL LIKE special characters % and _.3093 *3094 * @since 2.5.03095 *3096 * @param string $text The text to be escaped.3097 * @return string text, safe for inclusion in LIKE query.3098 */3099 function like_escape($text) {3100 return str_replace(array("%", "_"), array("\\%", "\\_"), $text);3101 }3102 3103 /**3104 3092 * Convert full URL paths to absolute paths. 3105 3093 * 3106 3094 * Removes the http or https protocols and the domain. Keeps the path '/' at the -
src/wp-includes/functions.php
479 479 480 480 foreach ( $pung as $link_test ) { 481 481 if ( ! in_array( $link_test, $post_links_temp ) ) { // link no longer in post 482 $mids = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $link_test ) . '%') );482 $mids = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE %s", $post_ID, $wpdb->esc_like( $link_test ) . '%') ); 483 483 foreach ( $mids as $mid ) 484 484 delete_metadata_by_mid( 'post', $mid ); 485 485 } … … 498 498 } 499 499 500 500 foreach ( (array) $post_links as $url ) { 501 if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $url ) . '%' ) ) ) {501 if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE %s", $post_ID, $wpdb->esc_like( $url ) . '%' ) ) ) { 502 502 503 503 if ( $headers = wp_get_http_headers( $url) ) { 504 504 $len = isset( $headers['content-length'] ) ? (int) $headers['content-length'] : 0; -
src/wp-includes/meta.php
1040 1040 } elseif ( 'BETWEEN' == substr( $meta_compare, -7) ) { 1041 1041 $meta_value = array_slice( $meta_value, 0, 2 ); 1042 1042 $meta_compare_string = '%s AND %s'; 1043 } elseif ( 'LIKE' == substr( $meta_compare, -4) ) {1044 $meta_value = '%' . like_escape( $meta_value ) . '%';1043 } elseif ( 'LIKE' == $meta_compare || 'NOT LIKE' == $meta_compare ) ) { 1044 $meta_value = '%' . $wpdb->esc_like( $meta_value ) . '%'; 1045 1045 $meta_compare_string = '%s'; 1046 1046 } else { 1047 1047 $meta_compare_string = '%s'; -
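Review bot: New line 1043 has an unbalanced closing parenthesis, `'NOT LIKE' == $meta_compare ) ) {`, which is a parse error for the whole file; it should be `} elseif ( 'LIKE' == $meta_compare || 'NOT LIKE' == $meta_compare ) {`. Replacing the `substr( $meta_compare, -4 )` test with exact comparisons also stops RLIKE (which ends in LIKE) from being wrapped in `%` and LIKE-escaped, which is a deliberate behaviour change worth a one-line comment. The enclosing method starts and ends outside the hunk.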
src/wp-includes/ms-load.php
397 397 398 398 $title = __( 'Error establishing a database connection' ); 399 399 $msg = '<h1>' . $title . '</h1>'; 400 if ( ! is_admin() ) 400 if ( ! is_admin() ) { 401 401 die( $msg ); 402 } 402 403 $msg .= '<p>' . __( 'If your site does not display, please contact the owner of this network.' ) . ''; 403 404 $msg .= ' ' . __( 'If you are the owner of this network please check that MySQL is running properly and all tables are error free.' ) . '</p>'; 404 if ( ! $wpdb->get_var( "SHOW TABLES LIKE '$wpdb->site'" ) ) 405 $query = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $wpdb->site ) ); 406 if ( ! $wpdb->get_var( $query ) ) { 405 407 $msg .= '<p>' . sprintf( __( '<strong>Database tables are missing.</strong> This means that MySQL is not running, WordPress was not installed properly, or someone deleted <code>%s</code>. You really should look at your database now.' ), $wpdb->site ) . '</p>'; 406 else408 } else { 407 409 $msg .= '<p>' . sprintf( __( '<strong>Could not find site <code>%1$s</code>.</strong> Searched for table <code>%2$s</code> in database <code>%3$s</code>. Is that right?' ), rtrim( $domain . $path, '/' ), $wpdb->blogs, DB_NAME ) . '</p>'; 410 } 408 411 $msg .= '<p><strong>' . __( 'What do I do now?' ) . '</strong> '; 409 412 $msg .= __( 'Read the <a target="_blank" href="http://codex.wordpress.org/Debugging_a_WordPress_Network">bug report</a> page. Some of the guidelines there may help you figure out what went wrong.' ); 410 413 $msg .= ' ' . __( 'If you’re still stuck with this message, then check that your database contains the following tables:' ) . '</p><ul>'; -
src/wp-includes/post.php
4674 4674 4675 4675 if ( ! empty($meta['thumb']) ) { 4676 4676 // Don't delete the thumb if another attachment uses it 4677 if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%' . $ meta['thumb']. '%', $post_id)) ) {4677 if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%' . $wpdb->esc_like( $meta['thumb'] ) . '%', $post_id)) ) { 4678 4678 $thumbfile = str_replace(basename($file), $meta['thumb'], $file); 4679 4679 /** This filter is documented in wp-admin/custom-header.php */ 4680 4680 $thumbfile = apply_filters( 'wp_delete_file', $thumbfile ); -
src/wp-includes/query.php
1977 1977 $searchand = ''; 1978 1978 $q['search_orderby_title'] = array(); 1979 1979 foreach ( $q['search_terms'] as $term ) { 1980 $term = like_escape( esc_sql( $term ) ); 1981 if ( $n ) 1982 $q['search_orderby_title'][] = "$wpdb->posts.post_title LIKE '%$term%'"; 1980 if ( $n ) { 1981 $like = '%' . $wpdb->esc_like( $term ) . '%'; 1982 $q['search_orderby_title'][] = $wpdb->prepare( "$wpdb->posts.post_title LIKE %s", $like ); 1983 } 1983 1984 1984 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))"; 1985 $like = $n . $wpdb->esc_like( $term ) . $n; 1986 $search .= $wpdb->prepare( "{$searchand}(($wpdb->posts.post_title LIKE %s) OR ($wpdb->posts.post_content LIKE %s))", $like, $like ); 1985 1987 $searchand = ' AND '; 1986 1988 } 1987 1989 … … 2080 2082 2081 2083 if ( $q['search_terms_count'] > 1 ) { 2082 2084 $num_terms = count( $q['search_orderby_title'] ); 2083 $ search_orderby_s = like_escape( esc_sql( $q['s'] ) );2085 $like = '%' . $wpdb->esc_like( $q['s'] ) . '%'; 2084 2086 2085 2087 $search_orderby = '(CASE '; 2086 2088 // sentence match in 'post_title' 2087 $search_orderby .= "WHEN $wpdb->posts.post_title LIKE '%{$search_orderby_s}%' THEN 1 ";2089 $search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_title LIKE %s THEN 1 ", $like ); 2088 2090 2089 2091 // sanity limit, sort as sentence when more than 6 terms 2090 2092 // (few searches are longer than 6 terms and most titles are not) … … 2097 2099 } 2098 2100 2099 2101 // sentence match in 'post_content' 2100 $search_orderby .= "WHEN $wpdb->posts.post_content LIKE '%{$search_orderby_s}%' THEN 4 ";2102 $search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_content LIKE %s THEN 4 ", $like ); 2101 2103 $search_orderby .= 'ELSE 5 END)'; 2102 2104 } else { 2103 2105 // single word or sentence search -
src/wp-includes/taxonomy.php
1453 1453 } 1454 1454 1455 1455 if ( !empty($name__like) ) { 1456 $name__like = like_escape( $name__like ); 1457 $where .= $wpdb->prepare( " AND t.name LIKE %s", '%' . $name__like . '%' ); 1456 $where .= $wpdb->prepare( " AND t.name LIKE %s", '%' . $wpdb->esc_like( $name__like ) . '%' ); 1458 1457 } 1459 1458 1460 1459 if ( ! empty( $description__like ) ) { 1461 $description__like = like_escape( $description__like ); 1462 $where .= $wpdb->prepare( " AND tt.description LIKE %s", '%' . $description__like . '%' ); 1460 $where .= $wpdb->prepare( " AND tt.description LIKE %s", '%' . $wpdb->esc_like( $description__like ) . '%' ); 1463 1461 } 1464 1462 1465 1463 if ( '' !== $parent ) { … … 1484 1482 } 1485 1483 1486 1484 if ( ! empty( $search ) ) { 1487 $ search = like_escape( $search );1488 $where .= $wpdb->prepare( ' AND ((t.name LIKE %s) OR (t.slug LIKE %s))', '%' . $search . '%', '%' . $search . '%');1485 $like = '%' . $wpdb->esc_like( $search ) . '%'; 1486 $where .= $wpdb->prepare( ' AND ((t.name LIKE %s) OR (t.slug LIKE %s))', $like, $like ); 1489 1487 } 1490 1488 1491 1489 $selects = array(); … … 3931 3929 wp_update_term( $loop_member, $taxonomy, array( 'parent' => 0 ) ); 3932 3930 3933 3931 return $parent; 3934 } 3935 No newline at end of file 3932 } -
src/wp-includes/user.php
797 797 * @return string 798 798 */ 799 799 function get_search_sql( $string, $cols, $wild = false ) { 800 $string = esc_sql( $string );800 global $wpdb; 801 801 802 802 $searches = array(); 803 803 $leading_wild = ( 'leading' == $wild || 'both' == $wild ) ? '%' : ''; … … 804 804 $trailing_wild = ( 'trailing' == $wild || 'both' == $wild ) ? '%' : ''; 805 805 foreach ( $cols as $col ) { 806 806 if ( 'ID' == $col ) 807 $searches[] = "$col = '$string'";807 $searches[] = $wpdb->prepare( "$col = %s", $string ); 808 808 else 809 $searches[] = "$col LIKE '$leading_wild" . like_escape($string) . "$trailing_wild'";809 $searches[] = $wpdb->prepare( "$col LIKE %s", $leading_wild . $wpdb->esc_like( $string ) . $trailing_wild ); 810 810 } 811 811 812 812 return ' AND (' . implode(' OR ', $searches) . ')'; … … 1092 1092 // Build a CPU-intensive query that will return concise information. 1093 1093 $select_count = array(); 1094 1094 foreach ( $avail_roles as $this_role => $name ) { 1095 $select_count[] = "COUNT(NULLIF(`meta_value` LIKE '%\"" . like_escape( $this_role ) . "\"%', false))";1095 $select_count[] = $wpdb->prepare( "COUNT(NULLIF(`meta_value` LIKE %s, false))", '%' . $wpdb->esc_like( '"' . $this_role . '"' ) . '%'); 1096 1096 } 1097 1097 $select_count = implode(', ', $select_count); 1098 1098 -
src/wp-includes/wp-db.php
1169 1169 } 1170 1170 1171 1171 /** 1172 * First half of escaping for LIKE special characters % and _ before preparing for MySQL. 1173 * 1174 * Use this only before wpdb::prepare() or esc_sql(). Reversing the order is very bad for security. 1175 * 1176 * Example Prepared Statement: 1177 * $wild = '%'; 1178 * $find = 'only 43% of planets'; 1179 * $like = $wild . $wpdb->esc_like( $find ) . $wild; 1180 * $sql = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like ); 1181 * 1182 * Example Escape Chain: 1183 * $sql = esc_sql( $wpdb->esc_like( $input ) ); 1184 * 1185 * @since 4.0.0 1186 * 1187 * @param string $text The raw text to be escaped. The input typed by the user should have no extra or deleted slashes. 1188 * @return string Text in the form of a LIKE phrase. The output is not SQL safe. Call prepare or real_escape next. 1189 */ 1190 function esc_like($text) { 1191 return addcslashes( $text, '_%\\' ); 1192 } 1193 1194 /** 1172 1195 * Print SQL/DB error. 1173 1196 * 1174 1197 * @since 0.71 -
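Review bot: `function esc_like($text)` on new line 1190 declares no visibility; as a public API it should be `public function esc_like( $text )`. The docblock's last line tells the caller to "Call prepare or real_escape next" while the example above it uses `esc_sql()`; naming the same function in both places avoids sending readers to the wrong helper. `addcslashes()` expects a string and the method does not guard non-string input, so an `@param` note that arrays are not accepted, or a `(string)` cast, would pin the contract.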
tests/phpunit/tests/db.php
226 226 $prepared = $wpdb->prepare( "SELECT * FROM $wpdb->users WHERE id = $id", $id ); 227 227 $this->assertEquals( "SELECT * FROM $wpdb->users WHERE id = 0", $prepared ); 228 228 } 229 230 /** 231 * @ticket 10041 232 */ 233 function test_esc_like() { 234 global $wpdb; 235 236 $inputs = array( 237 'howdy%', //Single Percent 238 'howdy_', //Single Underscore 239 'howdy\\', //Single slash 240 'howdy\\howdy%howdy_', //The works 241 ); 242 $expected = array( 243 'howdy\\%', 244 'howdy\\_', 245 'howdy\\\\', 246 'howdy\\\\howdy\\%howdy\\_' 247 ); 248 249 foreach ($inputs as $key => $input) { 250 $this->assertEquals($expected[$key], $wpdb->esc_like($input)); 251 } 252 } 253 254 /** 255 * Test LIKE Queries 256 * 257 * Make sure $wpdb is fully compatible with esc_like() by testing the identity of various strings. 258 * When escaped properly, a string literal is always LIKE itself (1) 259 * and never LIKE any other string literal (0) no matter how crazy the SQL looks. 260 * 261 * @ticket 10041 262 * @dataProvider data_like_query 263 * @param $data string The haystack, raw. 264 * @param $like string The like phrase, raw. 265 * @param $result string The expected comparison result; '1' = true, '0' = false 266 */ 267 function test_like_query( $data, $like, $result ) { 268 global $wpdb; 269 return $this->assertEquals( $result, $wpdb->get_var( $wpdb->prepare( "SELECT %s LIKE %s", $data, $wpdb->esc_like( $like ) ) ) ); 270 } 271 272 function data_like_query() { 273 return array( 274 array( 275 'aaa', 276 'aaa', 277 '1', 278 ), 279 array( 280 'a\\aa', // SELECT 'a\\aa' # This represents a\aa in both languages. 281 'a\\aa', // LIKE 'a\\\\aa' 282 '1', 283 ), 284 array( 285 'a%aa', 286 'a%aa', 287 '1', 288 ), 289 array( 290 'aaaa', 291 'a%aa', 292 '0', 293 ), 294 array( 295 'a\\%aa', // SELECT 'a\\%aa' 296 'a\\%aa', // LIKE 'a\\\\\\%aa' # The PHP literal would be "LIKE 'a\\\\\\\\\\\\%aa'". This is why we need reliable escape functions! 
297 '1', 298 ), 299 array( 300 'a%aa', 301 'a\\%aa', 302 '0', 303 ), 304 array( 305 'a\\%aa', 306 'a%aa', 307 '0', 308 ), 309 array( 310 'a_aa', 311 'a_aa', 312 '1', 313 ), 314 array( 315 'aaaa', 316 'a_aa', 317 '0', 318 ), 319 ); 320 } 229 321 } -
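Review bot: `test_like_query()` on new line 269 returns the value of `assertEquals()`, which PHPUnit ignores; drop the `return` so the test reads as a plain assertion. `test_esc_like()` walks parallel `$inputs`/`$expected` arrays by index, so a failure reports only a position; a `@dataProvider` in the style of `data_like_query()` would name each case. The explanatory comments on the escaped literals in the provider are the most useful part of the test and are worth keeping as is.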
tests/phpunit/tests/formatting/LikeEscape.php
1 <?php2 3 /**4 * @group formatting5 */6 class Tests_Formatting_LikeEscape extends WP_UnitTestCase {7 /**8 * @ticket 100419 */10 function test_like_escape() {11 12 $inputs = array(13 'howdy%', //Single Percent14 'howdy_', //Single Underscore15 'howdy\\', //Single slash16 'howdy\\howdy%howdy_', //The works17 );18 $expected = array(19 "howdy\\%",20 'howdy\\_',21 'howdy\\\\',22 'howdy\\\\howdy\\%howdy\\_'23 );24 25 foreach ($inputs as $key => $input) {26 $this->assertEquals($expected[$key], like_escape($input));27 }28 }29 }