DB error when sanitized search string results in empty query
|Reported by:||zippity||Owned by:||charleshooper|
|Component:||General||Keywords:||has-patch needs-testing 2nd-opinion|
When entering a comma "," into the search function, you get the following error displayed at top of page:
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND ((post_status = 'publish' OR post_status = 'private')) ORDER BY post_dat' at line 1]
SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts WHERE 1=1 AND () AND ((post_status = 'publish' OR post_status = 'private')) ORDER BY post_date DESC LIMIT 0, 10
Multiple commas produce the same result.
If you enter anything in addition to the comma, it works fine.
Change History (12)
comment:3 charleshooper — 7 years ago
- Keywords has-patch needs-testing 2nd-opinion added
- Status changed from new to assigned
comment:4 charleshooper — 7 years ago
- Component changed from Security to General
- Summary changed from Search string does not sanitize commas to DB error when sanitized search string results in empty query