Opened 7 years ago
Last modified 7 years ago
#43664 new defect (bug)
$wpdb->get_results fails in specific cases with non-latin charaters in where clause
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 4.9.4 |
Component: | Database | Keywords: | needs-patch has-unit-tests |
Focuses: | Cc: |
Description
Let's say we have user with display name 'Алексей';
$wpdb->get_results("SELECT user_login FROM $wpdb->users where `display_name`='Алексей' ", ARRAY_A);
executes normally
$wpdb->get_results("SELECT user_login AS 'russian person' FROM $wpdb->users where `display_name`='Алексей' ", ARRAY_A);
executes normally as well
but
$wpdb->get_results("SELECT user_login AS 'person from Russia' FROM $wpdb->users where `display_name`='Алексей' ", ARRAY_A);
returns empty array and results in error:
[table <table_prefix> Russia.doesn't exist]
SHOW FULL COLUMNS FROM Russia
That means 'from' in 'person from Russia' somehow gets in sql
It's an obscure enough situation, but might signify that something is wrong with wpdb query handling
most likely the culprit is regexp in
get_table_from_query
function inwp-includes/wp-db.php
It is called from
check_safe_collation
on non-asciii queries.Possible solution would be to assume that last 'from' in query should be used and therefore non-greedy modifier should be dropped from select-from matching, so
SELECT.*?\s+FROM
should beSELECT.*\s+FROM