Ticket #38751: 38751.4.diff
File 38751.4.diff, 3.2 KB (added by , 8 years ago) |
---|
-
src/wp-includes/wp-db.php
3037 3037 return str_replace( '`', '', $maybe[1] ); 3038 3038 } 3039 3039 3040 // SHOW TABLE STATUS and SHOW TABLES 3041 if ( preg_match( '/^\s*(?:' 3042 . 'SHOW\s+TABLE\s+STATUS.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' 3043 . '|SHOW\s+(?:FULL\s+)?TABLES.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' 3044 . ')\W((?:[0-9a-zA-Z$_.`-]|[\xC2-\xDF][\x80-\xBF])+)\W/is', $query, $maybe ) ) { 3045 return str_replace( '`', '', $maybe[1] ); 3040 // SHOW TABLE STATUS and SHOW TABLES WHERE Name = 'wp_posts' 3041 if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES).+WHERE\s+Name\s*=\s*("|\')((?:[0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)\\1/is', $query, $maybe ) ) { 3042 return $maybe[2]; 3046 3043 } 3047 3044 3045 // SHOW TABLE STATUS LIKE and SHOW TABLES LIKE 'wp\_123\_%' 3046 // This quoted LIKE operand seldom holds a full table name. 3047 // It is usually a pattern for matching a prefix so we just 3048 // strip the trailing % and unescape the _ to get 'wp_123_' 3049 // which drop-ins can use for routing these SQL statements. 3050 if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES)\s+(?:WHERE\s+Name\s+)?LIKE\s*("|\')((?:[\\\\0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)%?\\1/is', $query, $maybe ) ) { 3051 return str_replace( '\\_', '_', $maybe[2] ); 3052 } 3053 3048 3054 // Big pattern for the rest of the table-related queries. 3049 3055 if ( preg_match( '/^\s*(?:' 3050 3056 . '(?:EXPLAIN\s+(?:EXTENDED\s+)?)?SELECT.*?\s+FROM' -
tests/phpunit/tests/db.php
565 565 "DELETE a FROM $table a", 566 566 "DELETE `a` FROM $table a", 567 567 568 // STATUS569 "SHOW TABLE STATUS LIKE '$table'",570 "SHOW TABLE STATUS WHERE NAME='$table'",571 572 "SHOW TABLES LIKE '$table'",573 "SHOW FULL TABLES LIKE '$table'",574 "SHOW TABLES WHERE NAME='$table'",575 576 568 // Extended 577 569 "EXPLAIN SELECT * FROM $table", 578 570 "EXPLAIN EXTENDED SELECT * FROM $table", … … 671 663 } 672 664 673 665 /** 666 * @ticket 38751 667 */ 668 function data_get_escaped_table_from_show_query() { 669 return array( 670 // Equality 671 array( "SHOW TABLE STATUS WHERE Name = 'test_name'", 'test_name' ), 672 array( "SHOW TABLE STATUS WHERE NAME=\"test_name\"", 'test_name' ), 673 array( "SHOW TABLES WHERE Name = \"test_name\"", 'test_name' ), 674 array( "SHOW FULL TABLES WHERE Name='test_name'", 'test_name' ), 675 676 // LIKE 677 array( "SHOW TABLE STATUS LIKE 'test\_prefix\_%'", 'test_prefix_' ), 678 array( "SHOW TABLE STATUS LIKE \"test\_prefix\_%\"", 'test_prefix_' ), 679 array( "SHOW TABLES LIKE 'test\_prefix\_%'", 'test_prefix_' ), 680 array( "SHOW FULL TABLES LIKE \"test\_prefix\_%\"", 'test_prefix_' ), 681 ); 682 } 683 684 /** 685 * @dataProvider data_get_escaped_table_from_show_query 686 * @ticket 38751 687 */ 688 function test_get_escaped_table_from_show_query( $query, $table ) { 689 $this->assertEquals( $table, self::$_wpdb->get_table_from_query( $query ) ); 690 } 691 692 /** 674 693 * @ticket 21212 675 694 */ 676 695 function data_process_field_formats() {