[wp-trac] [WordPress Trac] #52506: Add escaping method for table names in SQL queries
WordPress Trac
noreply at wordpress.org
Sat Jan 28 13:46:32 UTC 2023
#52506: Add escaping method for table names in SQL queries
-------------------------------------------------+-------------------------
Reporter: tellyworth | Owner:
| davidbaumwald
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 6.2
Component: Database | Version:
Severity: normal | Resolution:
Keywords: has-unit-tests early needs-docs | Focuses:
has-patch needs-testing needs-dev-note | performance
-------------------------------------------------+-------------------------
Comment (by SergeyBiryukov):
In [changeset:"55157" 55157]:
{{{
#!CommitTicketReference repository="" revision="55157"
Database: Replace `str_ends_with()` usage in `wpdb::prepare()`.
This avoids a fatal error if the file is included directly outside of
WordPress core, e.g. by HyperDB.
While WordPress core does include a polyfill function, it is not directly
loaded in the `wpdb` class.
This commit replaces the `str_ends_with()` calls with `substr_compare()`
for now.
Follow-up to [55151].
Props Otto42.
See #52506.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52506#comment:74>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list