WordPress.org

Make WordPress Core

Changeset 39275


Ignore:
Timestamp:
11/17/2016 04:20:22 AM (19 months ago)
Author:
pento
Message:

Database: Add support for LIKE-escaped tables in ::get_table_from_query().

The SHOW TABLES LIKE query can be used to search for tables that match a pattern, wp\_123\_%, for example. While this isn't the name of an actual table, the wp_123_ prefix can be used by database drop-ins to direct the query correctly. This change removes the escaping and % modifier, to provide this usable prefix.

Props andy, pento.
Fixes #38751.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/wp-db.php

    r39188 r39275  
    30383038        }
    30393039
    3040         // SHOW TABLE STATUS and SHOW TABLES
    3041         if ( preg_match( '/^\s*(?:'
    3042                 . 'SHOW\s+TABLE\s+STATUS.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)'
    3043                 . '|SHOW\s+(?:FULL\s+)?TABLES.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)'
    3044                 . ')\W((?:[0-9a-zA-Z$_.`-]|[\xC2-\xDF][\x80-\xBF])+)\W/is', $query, $maybe ) ) {
    3045             return str_replace( '`', '', $maybe[1] );
     3040        // SHOW TABLE STATUS and SHOW TABLES WHERE Name = 'wp_posts'
     3041        if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES).+WHERE\s+Name\s*=\s*("|\')((?:[0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)\\1/is', $query, $maybe ) ) {
     3042            return $maybe[2];
     3043        }
     3044
     3045        // SHOW TABLE STATUS LIKE and SHOW TABLES LIKE 'wp\_123\_%'
     3046        // This quoted LIKE operand seldom holds a full table name.
     3047        // It is usually a pattern for matching a prefix so we just
     3048        // strip the trailing % and unescape the _ to get 'wp_123_'
     3049        // which drop-ins can use for routing these SQL statements.
     3050        if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES)\s+(?:WHERE\s+Name\s+)?LIKE\s*("|\')((?:[\\\\0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)%?\\1/is', $query, $maybe ) ) {
     3051            return str_replace( '\\_', '_', $maybe[2] );
    30463052        }
    30473053
  • trunk/tests/phpunit/tests/db.php

    r38580 r39275  
    566566            "DELETE `a` FROM $table a",
    567567
    568             // STATUS
    569             "SHOW TABLE STATUS LIKE '$table'",
    570             "SHOW TABLE STATUS WHERE NAME='$table'",
    571 
    572             "SHOW TABLES LIKE '$table'",
    573             "SHOW FULL TABLES LIKE '$table'",
    574             "SHOW TABLES WHERE NAME='$table'",
    575 
    576568            // Extended
    577569            "EXPLAIN SELECT * FROM $table",
     
    672664
    673665    /**
     666     * @ticket 38751
     667     */
     668    function data_get_escaped_table_from_show_query() {
     669        return array(
     670            // Equality
     671            array( "SHOW TABLE STATUS WHERE Name = 'test_name'", 'test_name' ),
     672            array( "SHOW TABLE STATUS WHERE NAME=\"test_name\"", 'test_name' ),
     673            array( "SHOW TABLES WHERE Name = \"test_name\"",     'test_name' ),
     674            array( "SHOW FULL TABLES WHERE Name='test_name'",    'test_name' ),
     675
     676            // LIKE
     677            array( "SHOW TABLE STATUS LIKE 'test\_prefix\_%'",   'test_prefix_' ),
     678            array( "SHOW TABLE STATUS LIKE \"test\_prefix\_%\"", 'test_prefix_' ),
     679            array( "SHOW TABLES LIKE 'test\_prefix\_%'",         'test_prefix_' ),
     680            array( "SHOW FULL TABLES LIKE \"test\_prefix\_%\"",  'test_prefix_' ),
     681        );
     682    }
     683
     684    /**
     685     * @dataProvider data_get_escaped_table_from_show_query
     686     * @ticket 38751
     687     */
     688    function test_get_escaped_table_from_show_query( $query, $table ) {
     689        $this->assertEquals( $table, self::$_wpdb->get_table_from_query( $query ) );
     690    }
     691
     692    /**
    674693     * @ticket 21212
    675694     */
Note: See TracChangeset for help on using the changeset viewer.