From 6e7fff514b9c4930090aeeb19fe74662584f1634 Mon Sep 17 00:00:00 2001 From: Gary Pendergast Date: Wed, 6 May 2015 05:01:26 +0000 Subject: [PATCH] WPDB: Allow queries to reference tables in the `dbname.tablename` format, and allow table names to contain any valid character, rather than just ASCII. Props pento, willstedt for the initial patch. See #32090. Built from https://develop.svn.wordpress.org/trunk@32368 git-svn-id: http://core.svn.wordpress.org/trunk@32338 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/version.php | 2 +- wp-includes/wp-db.php | 17 ++++++++++------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/wp-includes/version.php b/wp-includes/version.php index c5c7c600bd..85d74d90e0 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.3-alpha-32366'; +$wp_version = '4.3-alpha-32368'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php index 4be05e6ec6..c6ceabab1c 100644 --- a/wp-includes/wp-db.php +++ b/wp-includes/wp-db.php @@ -2266,7 +2266,10 @@ class wpdb { } $charsets = $columns = array(); - $results = $this->get_results( "SHOW FULL COLUMNS FROM `$table`" ); + + $table_parts = explode( '.', $table ); + $table = '`' . implode( '`.`', $table_parts ) . '`'; + $results = $this->get_results( "SHOW FULL COLUMNS FROM $table" ); if ( ! $results ) { return new WP_Error( 'wpdb_get_table_charset_failure' ); } @@ -2838,16 +2841,16 @@ class wpdb { . '|REPLACE(?:\s+LOW_PRIORITY|\s+DELAYED)?(?:\s+INTO)?' . '|UPDATE(?:\s+LOW_PRIORITY)?(?:\s+IGNORE)?' . '|DELETE(?:\s+LOW_PRIORITY|\s+QUICK|\s+IGNORE)*(?:\s+FROM)?' - . ')\s+`?([\w-]+)`?/is', $query, $maybe ) ) { - return $maybe[1]; + . ')\s+((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)/is', $query, $maybe ) ) { + return str_replace( '`', '', $maybe[1] ); } // SHOW TABLE STATUS and SHOW TABLES if ( preg_match( '/^\s*(?:' . 'SHOW\s+TABLE\s+STATUS.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' . '|SHOW\s+(?:FULL\s+)?TABLES.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' - . ')\W([\w-]+)\W/is', $query, $maybe ) ) { - return $maybe[1]; + . ')\W((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)\W/is', $query, $maybe ) ) { + return str_replace( '`', '', $maybe[1] ); } // Big pattern for the rest of the table-related queries. @@ -2865,8 +2868,8 @@ class wpdb { . '|LOAD\s+DATA.*INFILE.*INTO\s+TABLE' . '|(?:GRANT|REVOKE).*ON\s+TABLE' . '|SHOW\s+(?:.*FROM|.*TABLE)' - . ')\s+\(*\s*`?([\w-]+)`?\s*\)*/is', $query, $maybe ) ) { - return $maybe[1]; + . ')\s+\(*\s*((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)\s*\)*/is', $query, $maybe ) ) { + return str_replace( '`', '', $maybe[1] ); } return false;