Make WordPress Core


Ignore:
Timestamp:
07/17/2015 07:06:33 AM (9 years ago)
Author:
pento
Message:

WPDB: ::strip_text_from_query() doesn't pass a length to ::strip_invalid_text(), which was causing queries to fail when they contained characters that needed to be sanity checked by MySQL.

Props dd32, mdawaffe, pento.

Fixes #32279.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/db/charset.php

    r33308 r33310  
    214214                'expected' => "\xd8ord\xd0ress",
    215215                'length'   => array( 'type' => 'char', 'length' => 100 ),
     216            ),
     217            'cp1251_no_length' => array(
     218                'charset'  => 'cp1251',
     219                'value'    => "\xd8ord\xd0ress",
     220                'expected' => "\xd8ord\xd0ress",
     221                'length'   => false,
     222            ),
     223            'cp1251_no_length_ascii' => array(
     224                'charset'  => 'cp1251',
     225                'value'    => "WordPress",
     226                'expected' => "WordPress",
     227                'length'   => false,
     228                // Don't set 'ascii' => true/false.
     229                // That's a different codepath than it being unset even if
     230                // three's only only ASCII in the value.
    216231            ),
    217232            'cp1251_char_length' => array(
     
    808823        $this->assertEquals( 255, strlen( $stripped ) );
    809824    }
     825
     826    /**
     827     * @ticket 32279
     828     */
     829    function test_strip_invalid_text_from_query_cp1251_is_safe() {
     830        $tablename = 'test_cp1251_query_' . rand_str( 5 );
     831        if ( ! self::$_wpdb->query( "CREATE TABLE $tablename ( a VARCHAR(50) ) DEFAULT CHARSET 'cp1251'" ) ) {
     832            $this->markTestSkipped( "Test requires the 'cp1251' charset" );
     833        }
     834
     835        $safe_query = "INSERT INTO $tablename( `a` ) VALUES( 'safe data' )";
     836        $stripped_query = self::$_wpdb->strip_invalid_text_from_query( $safe_query );
     837
     838        self::$_wpdb->query( "DROP TABLE $tablename" );
     839
     840        $this->assertEquals( $safe_query, $stripped_query );
     841    }
    810842}
Note: See TracChangeset for help on using the changeset viewer.