Make WordPress Core

Changeset 55157


Ignore:
Timestamp:
01/28/2023 01:46:16 PM (17 months ago)
Author:
SergeyBiryukov
Message:

Database: Replace str_ends_with() usage in wpdb::prepare().

This avoids a fatal error if the file is included directly outside of WordPress core, e.g. by HyperDB.

While WordPress core does include a polyfill function, it is not directly loaded in the wpdb class.

This commit replaces the str_ends_with() calls with substr_compare() for now.

Follow-up to [55151].

Props Otto42.
See #52506.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wpdb.php

    r55151 r55157  
    15621562            $type   = substr( $placeholder, -1 );
    15631563
    1564             if ( 'f' === $type && true === $this->allow_unsafe_unquoted_parameters && str_ends_with( $split_query[ $key - 1 ], '%' ) ) {
     1564            if ( 'f' === $type && true === $this->allow_unsafe_unquoted_parameters
     1565                && 0 === substr_compare( $split_query[ $key - 1 ], '%', -1, 1 )
     1566            ) {
    15651567
    15661568                /*
     
    16211623                     * Second, if "%s" has a "%" before it, even if it's unrelated (e.g. "LIKE '%%%s%%'").
    16221624                     */
    1623                     if ( true !== $this->allow_unsafe_unquoted_parameters || ( '' === $format && ! str_ends_with( $split_query[ $key - 1 ], '%' ) ) ) {
     1625                    if ( true !== $this->allow_unsafe_unquoted_parameters
     1626                        || ( '' === $format && 0 !== substr_compare( $split_query[ $key - 1 ], '%', -1, 1 ) )
     1627                    ) {
    16241628                        $placeholder = "'%" . $format . "s'";
    16251629                    }
Note: See TracChangeset for help on using the changeset viewer.