WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/10/2016 03:25:15 AM (5 years ago)
Author:
boonebgorges
Message:

Avoid invalid SQL when building ORDER BY clause using long search strings.

The introduction of negative search terms in 4.4 [34934] introduced the
possibility that the ORDER BY clause of a search query could be assembled in
such a way as to create invalid syntax. The current changeset fixes this by
ensuring that the ORDER BY clause corresponding to the search terms is
excluded when it would otherwise be empty.

Props salvoaranzulla.
Fixes #35361.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/query.php

    r36138 r36251  
    22692269            }
    22702270
    2271             $search_orderby = '(CASE ';
     2271            $search_orderby = '';
    22722272
    22732273            // sentence match in 'post_title'
     
    22902290                $search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_content LIKE %s THEN 4 ", $like );
    22912291            }
    2292             $search_orderby .= 'ELSE 5 END)';
     2292
     2293            if ( $search_orderby ) {
     2294                $search_orderby = '(CASE ' . $search_orderby . 'ELSE 5 END)';
     2295            }
    22932296        } else {
    22942297            // single word or sentence search
Note: See TracChangeset for help on using the changeset viewer.