Changeset 32374
- Timestamp:
- 05/06/2015 06:04:50 AM (9 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/wp-db.php
r32368 r32374 2532 2532 // We don't need to check the collation for queries that don't read data. 2533 2533 $query = ltrim( $query, "\r\n\t (" ); 2534 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN )\s/i', $query ) ) {2534 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN|CREATE)\s/i', $query ) ) { 2535 2535 return true; 2536 2536 } … … 2742 2742 */ 2743 2743 protected function strip_invalid_text_from_query( $query ) { 2744 // We don't need to check the collation for queries that don't read data. 2745 $trimmed_query = ltrim( $query, "\r\n\t (" ); 2746 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN|CREATE)\s/i', $trimmed_query ) ) { 2747 return $query; 2748 } 2749 2744 2750 $table = $this->get_table_from_query( $query ); 2745 2751 if ( $table ) { -
trunk/tests/phpunit/tests/db/charset.php
r32364 r32374 644 644 645 645 /** 646 * @ticket 32104 647 */ 648 function data_dont_strip_text_from_schema_queries() { 649 // An obviously invalid and fake table name. 650 $table_name = "\xff\xff\xff\xff"; 651 652 $queries = array( 653 "SHOW CREATE TABLE $table_name", 654 "DESCRIBE $table_name", 655 "DESC $table_name", 656 "EXPLAIN SELECT * FROM $table_name", 657 "CREATE $table_name( a VARCHAR(100))", 658 ); 659 660 foreach ( $queries as &$query ) { 661 $query = array( $query ); 662 } 663 unset( $query ); 664 665 return $queries; 666 } 667 668 /** 669 * @dataProvider data_dont_strip_text_from_schema_queries 670 * @ticket 32104 671 */ 672 function test_dont_strip_text_from_schema_queries( $query ) { 673 $return = self::$_wpdb->strip_invalid_text_from_query( $query ); 674 $this->assertEquals( $query, $return ); 675 } 676 677 /** 646 678 * @ticket 21212 647 679 */
Note: See TracChangeset
for help on using the changeset viewer.