Changeset 32403
- Timestamp:
- 05/06/2015 08:03:22 PM (10 years ago)
- Location:
- branches/4.0
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.0/src/wp-includes/wp-db.php
r32397 r32403 2502 2502 // We don't need to check the collation for queries that don't read data. 2503 2503 $query = ltrim( $query, "\r\n\t (" ); 2504 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN )\s/i', $query ) ) {2504 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN|CREATE)\s/i', $query ) ) { 2505 2505 return true; 2506 2506 } … … 2713 2713 */ 2714 2714 protected function strip_invalid_text_from_query( $query ) { 2715 // We don't need to check the collation for queries that don't read data. 2716 $trimmed_query = ltrim( $query, "\r\n\t (" ); 2717 if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN|CREATE)\s/i', $trimmed_query ) ) { 2718 return $query; 2719 } 2720 2715 2721 $table = $this->get_table_from_query( $query ); 2716 2722 if ( $table ) { -
branches/4.0/tests/phpunit/tests/db/charset.php
r32388 r32403 640 640 641 641 /** 642 * @ticket 32104 643 */ 644 function data_dont_strip_text_from_schema_queries() { 645 // An obviously invalid and fake table name. 646 $table_name = "\xff\xff\xff\xff"; 647 648 $queries = array( 649 "SHOW CREATE TABLE $table_name", 650 "DESCRIBE $table_name", 651 "DESC $table_name", 652 "EXPLAIN SELECT * FROM $table_name", 653 "CREATE $table_name( a VARCHAR(100))", 654 ); 655 656 foreach ( $queries as &$query ) { 657 $query = array( $query ); 658 } 659 unset( $query ); 660 661 return $queries; 662 } 663 664 /** 665 * @dataProvider data_dont_strip_text_from_schema_queries 666 * @ticket 32104 667 */ 668 function test_dont_strip_text_from_schema_queries( $query ) { 669 $return = self::$_wpdb->strip_invalid_text_from_query( $query ); 670 $this->assertEquals( $query, $return ); 671 } 672 673 /** 642 674 * @ticket 21212 643 675 */
Note: See TracChangeset
for help on using the changeset viewer.