[wp-hackers] small wp-db.php code question
Simon Courtenage
courtenage at gmail.com
Tue Sep 18 06:56:46 UTC 2012
Dear wp-hackers,
I'm going through the WP code line-by-line as part of a new project and
have come across the code for the prepare function in wp-db.php. This
function
can take a variable number of arguments (up to 3 according to the comments
and usages). However, I think there is an issue with the 3rd argument,
when present, being over-written by the code. The prepare() code is
//////
function prepare( $query = null ) { // ( $query, *$args )
if ( is_null( $query ) )
return;
$args = func_get_args();
array_shift( $args );
// If args were passed as an array (as in vsprintf), move them up
if ( isset( $args[0] ) && is_array($args[0]) )
$args = $args[0]; // QUESTION
$query = str_replace( "'%s'", '%s', $query ); // in case someone
mistakenly already singlequoted it
$query = str_replace( '"%s"', '%s', $query ); // doublequote
unquoting
$query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the
strings, avoiding escaped strings like %%s
array_walk( $args, array( &$this, 'escape_by_ref' ) );
return @vsprintf( $query, $args );
}
//////
The issue lies with the line I've commented with 'QUESTION'. This
overwrites the arg array obtained from func_get_args() with the second
argument (after the first was popped from the array) - hence the 3rd arg is
lost. Have I missed something / is this intended behaviour / is this a bug?
Thanks for reading my first post to this list!
Regards
Simon Courtenage
--
Join me on msgmash <http://www.msgmash.com>!
More information about the wp-hackers
mailing list