From fcc82fd671905f2921123467b361580ccd9b68dc Mon Sep 17 00:00:00 2001 From: Boone Gorges Date: Fri, 17 Oct 2014 01:20:21 +0000 Subject: [PATCH] Use table aliases for columns in SQL generated by WP_Date_Query. The use of non-aliased column names (eg 'post_date' instead of 'wp_posts.post_date') in WP_Date_Query causes SQL notices and other failures when queries involve table joins, such as date_query combined with tax_query or meta_query. This changeset modifies WP_Date_Query::validate_column() to add the table alias when it can be detected from the column name (ie, in the case of core columns). A side effect of this change is that it is now possible to use WP_Date_Query to build WHERE clauses across multiple tables, though there is currently no core support for the automatic generation of the necessary JOIN clauses. See Props ew_holmes, wonderboymusic, neoxx, Viper007Bond, boonebgorges. Fixes #25775. Built from https://develop.svn.wordpress.org/trunk@29933 git-svn-id: http://core.svn.wordpress.org/trunk@29685 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/date.php | 58 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 47 insertions(+), 11 deletions(-) diff --git a/wp-includes/date.php b/wp-includes/date.php index 426b24dba2..2634f2a7a0 100644 --- a/wp-includes/date.php +++ b/wp-includes/date.php @@ -435,6 +435,11 @@ class WP_Date_Query { /** * Validates a column name parameter. * + * Column names without a table prefix (like 'post_date') are checked against a whitelist of + * known tables, and then, if found, have a table prefix (such as 'wp_posts.') prepended. + * Prefixed column names (such as 'wp_posts.post_date') bypass this whitelist check, + * and are only sanitized to remove illegal characters. + * * @since 3.7.0 * @access public * @@ -442,22 +447,53 @@ class WP_Date_Query { * @return string A validated column name value. */ public function validate_column( $column ) { + global $wpdb; + $valid_columns = array( 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt', 'comment_date', 'comment_date_gmt' ); - /** - * Filter the list of valid date query columns. - * - * @since 3.7.0 - * - * @param array $valid_columns An array of valid date query columns. Defaults are 'post_date', 'post_date_gmt', - * 'post_modified', 'post_modified_gmt', 'comment_date', 'comment_date_gmt' - */ - if ( ! in_array( $column, apply_filters( 'date_query_valid_columns', $valid_columns ) ) ) - $column = 'post_date'; - return $column; + // Attempt to detect a table prefix. + if ( false === strpos( $column, '.' ) ) { + /** + * Filter the list of valid date query columns. + * + * @since 3.7.0 + * + * @param array $valid_columns An array of valid date query columns. Defaults + * are 'post_date', 'post_date_gmt', 'post_modified', + * 'post_modified_gmt', 'comment_date', 'comment_date_gmt' + */ + if ( ! in_array( $column, apply_filters( 'date_query_valid_columns', $valid_columns ) ) ) { + $column = 'post_date'; + } + + $known_columns = array( + $wpdb->posts => array( + 'post_date', + 'post_date_gmt', + 'post_modified', + 'post_modified_gmt', + ), + $wpdb->comments => array( + 'comment_date', + 'comment_date_gmt', + ), + ); + + // If it's a known column name, add the appropriate table prefix. + foreach ( $known_columns as $table_name => $table_columns ) { + if ( in_array( $column, $table_columns ) ) { + $column = $table_name . '.' . $column; + break; + } + } + + } + + // Remove unsafe characters. + return preg_replace( '/[^a-zA-Z0-9_$\.]/', '', $column ); } /**