WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 12 months ago

#20223 closed enhancement (invalid)

simulate mysql_real_escape_string when not yet connected to DB

Reported by: scottconnerly Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.3.1
Component: Database Keywords: has-patch
Focuses: Cc:

Description

Currently wpdb::_real_escape() falls back to addslashes() when you're not yet connected to the database

Instead, have it fall back to a closer mimic of mysql_real_escape_string():

Use this to make patch:
http://pastebin.com/5vMaBhQe

Reference:
http://dev.mysql.com/doc/refman/5.0/en/mysql-real-escape-string.html
http://www.php.net/manual/en/function.mysql-real-escape-string.php

Attachments (2)

20223.patch (561 bytes) - added by kurtpayne 2 years ago.
Better replacement for mysql_real_escape_string
20223-unit-test.patch (1.8 KB) - added by kurtpayne 2 years ago.
Unit test for mysql_real_scape_string and fallback logic

Download all attachments as: .zip

Change History (4)

kurtpayne2 years ago

Better replacement for mysql_real_escape_string

comment:1 kurtpayne2 years ago

  • Cc kpayne@… added
  • Keywords has-patch added; needs-patch removed

This seems like a good idea. wpdb::weak_escape is already present as a wrapper to addslashes.

kurtpayne2 years ago

Unit test for mysql_real_scape_string and fallback logic

comment:2 nacin12 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

We're actually always connected to the DB, so this is invalid. See also [24712].

Note: See TracTickets for help on using tickets.