| 398 | |
/**
 * Surplus positional arguments must not end up in the prepared query.
 *
 * Two placeholders (%d, %s) are paired with three separate arguments. The
 * assertion pins that only the first two are substituted and the third one
 * is absent from the resulting SQL.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_more_args_case1() {
    global $wpdb;

    // Arguments are supplied as a comma-separated list rather than as an array.
    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d AND user_login = %s",
        1,
        'admin',
        'extra-arg'
    );

    $expected = "SELECT * FROM $wpdb->users WHERE id = 1 AND user_login = 'admin'";
    $this->assertEquals( $expected, $actual );
}
| 411 | |
/**
 * Surplus array elements must not end up in the prepared query.
 *
 * Same query as the comma-separated variant, but the three values arrive as
 * a single array argument. The assertion pins that the third element is
 * absent from the resulting SQL.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_more_args_case2() {
    global $wpdb;

    // All values are passed as one array: two used, one surplus.
    $values = array( 1, 'admin', 'extra-arg' );

    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d AND user_login = %s",
        $values
    );

    $expected = "SELECT * FROM $wpdb->users WHERE id = 1 AND user_login = 'admin'";
    $this->assertEquals( $expected, $actual );
}
| 424 | |
/**
 * An escaped percent sign must not be counted as a placeholder.
 *
 * The query holds %d, a literal %% and %s, and is given three arguments.
 * The assertion pins that %% collapses to a single % without consuming an
 * argument, so the third argument is still the surplus one and is dropped.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_more_args_case3() {
    global $wpdb;

    // %% sits between the two real placeholders and must be skipped when counting.
    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d AND %% AND user_login = %s",
        1,
        'admin',
        'extra-arg'
    );

    $expected = "SELECT * FROM $wpdb->users WHERE id = 1 AND % AND user_login = 'admin'";
    $this->assertEquals( $expected, $actual );
}
| 438 | |
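/**
 * Adjacent and mixed placeholder types must be counted correctly.
 *
 * The query combines %%%d (a literal percent directly followed by %d), %F,
 * %f and %s, and is given five arguments for four placeholders. The
 * assertion pins that the fifth argument is absent from the resulting SQL.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_more_args_case4() {
    global $wpdb;

    // Several patterns are packed together, and %F detection is exercised too.
    // Floats come back with six decimal places; that formatting is outside the
    // scope of the 42040 change and is only reflected in the expected string.
    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %%%d AND %F AND %f AND user_login = %s",
        1,
        2.3,
        '4.5',
        'admin',
        'extra-arg'
    );

    // Build the expectation from $wpdb->users, as the sibling tests do, so the
    // test does not depend on the table prefix being "wptests_".
    $expected = "SELECT * FROM $wpdb->users WHERE id = %1 AND 2.300000 AND 4.500000 AND user_login = 'admin'";
    $this->assertEquals( $expected, $actual );
}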
| 453 | |
/**
 * An array mixed in with separate arguments, plus a surplus argument.
 *
 * The first of three separate arguments is itself an array. The assertion
 * pins that the %d placeholder is rendered as 0, %s as 'admin', and that
 * the third argument is absent from the resulting SQL.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_more_args_double_notice() {
    global $wpdb;

    // Per the original author's note, this input is expected to be reported as
    // incorrect usage twice.
    // NOTE(review): presumably once for the array value and once for the
    // argument count; confirm against prepare().
    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d AND user_login = %s",
        array( 1 ),
        'admin',
        'extra-arg'
    );

    $expected = "SELECT * FROM $wpdb->users WHERE id = 0 AND user_login = 'admin'";
    $this->assertEquals( $expected, $actual );
}
| 467 | |
| 468 | |
| 469 | |
| 470 | |
/**
 * Too few positional arguments must not yield a partially filled query.
 *
 * Four placeholders are paired with three separate arguments. The assertion
 * expects an empty result instead of SQL with an unfilled placeholder.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_less_args_case1() {
    global $wpdb;

    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d and user_nicename = %s and user_status =%d and user_login = %s",
        1,
        'admin',
        0
    );

    // NOTE(review): assertEquals compares loosely, so a null or false return
    // would pass as well; assertSame would pin the empty string exactly.
    // Confirm what prepare() returns here before tightening.
    $this->assertEquals( '', $actual );
}
| 482 | |
/**
 * Too few array elements must not yield a partially filled query.
 *
 * Four placeholders are paired with a single array holding three values.
 * The assertion expects an empty result instead of SQL with an unfilled
 * placeholder.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_less_args_case2() {
    global $wpdb;

    // All values are passed as one array that is one element short.
    $values = array( 1, 'admin', 0 );

    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d and user_nicename = %s and user_status =%d and user_login = %s",
        $values
    );

    // NOTE(review): assertEquals compares loosely, so a null or false return
    // would pass as well; assertSame would pin the empty string exactly.
    // Confirm what prepare() returns here before tightening.
    $this->assertEquals( '', $actual );
}
| 493 | |
/**
 * An escaped percent sign must not mask a shortage of arguments.
 *
 * The query holds four placeholders plus a literal %%, and is given three
 * arguments. The assertion expects an empty result, so %% must not be
 * treated as something that needs or supplies an argument.
 *
 * @ticket 42040
 * @expectedIncorrectUsage wpdb::prepare
 */
public function test_prepare_invalid_args_count_less_args_case3() {
    global $wpdb;

    // Despite its value, the third argument is not surplus here: the query
    // needs four values and only three are given.
    // NOTE(review): the error-suppression operator also hides any unrelated PHP
    // warning raised inside prepare(); confirm it is still required here.
    $actual = @$wpdb->prepare(
        "SELECT * FROM $wpdb->users WHERE id = %d and %% and user_login = %s and user_status =%d and user_login = %s",
        1,
        'admin',
        'extra-arg'
    );

    // NOTE(review): assertEquals compares loosely, so a null or false return
    // would pass as well; assertSame would pin the empty string exactly.
    // Confirm what prepare() returns here before tightening.
    $this->assertEquals( '', $actual );
}
| 505 | |
| 506 | |