[wp-trac] [WordPress Trac] #26106: Passing empty array to wpdb::update() generates invalid SQL
WordPress Trac
noreply at wordpress.org
Tue Sep 2 02:10:39 UTC 2014
#26106: Passing empty array to wpdb::update() generates invalid SQL
--------------------------+-----------------------------
Reporter: Viper007Bond | Owner: wonderboymusic
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 4.0
Component: Database | Version:
Severity: normal | Resolution:
Keywords: dev-feedback | Focuses:
--------------------------+-----------------------------
Comment (by nacin):
In this case, the update() method still rejects any $where that is not an
array. So this requires an explicit empty `array()` to be passed. Is that
really enough to prevent issues like this?
{{{
$where = array();
if ( something ) {
$where[] = ...;
} elseif ( something else ) {
$where[] = ...;
}
$wpdb->update( $table, $data, $where ); // oops, $where = array()
}}}
Maybe I'm just assuming too little of developers, but it's very possible
that at least one plugin is making this mistake '''right now''' and we're
going from a quiet SQL error to '''wiping the entire table''' with the 4.0
update.
I'd probably rather see separate update_all() and delete_all() methods or
something.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26106#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list