[wp-trac] [WordPress Trac] #32315: $wpdb->insert fails without error msg
WordPress Trac
noreply at wordpress.org
Mon Nov 7 01:36:04 UTC 2016
#32315: $wpdb->insert fails without error msg
------------------------------------------+------------------------------
Reporter: dlt101 | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Database | Version:
Severity: normal | Resolution:
Keywords: needs-patch needs-unit-tests | Focuses:
------------------------------------------+------------------------------
Comment (by pento):
Replying to [comment:22 datainterlock]:
> If you're dead set on making this error, tell me. What's the purpose of
having insert and update when wp-query WILL truncate and insert?
`::query()` is generally used for more complex queries that don't fit into
the CRUD model. It has a valid purpose, but it's not necessary for basic
INSERT and UPDATE queries.
> Why would i even waste my time coding a wp-insert when a wp-query
wouldnt fail with the same exact query? In order to keep wp-insert from
erroring, the vars will have to be checked for size prior to inserting. A
huge waste and will still get truncated by the dev anyway. I say again, it
should truncate and insert or update. That's how php works.
You're welcome to do whatever you like on your own site, but I'd strongly
recommend against it.
As has been mentioned several times on this ticket, allowing the database
to truncate the string will almost certainly introduce significant
security issues, as any data sanitisation you've run prior to insert (for
example, using KSES to remove invalid HTML), will no longer be valid.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32315#comment:23>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list