We were able to connect to the database server (which means your username and password is okay) but not able to select the %1$s database.
%2$s have permission to use the %1$s database?username_%1$s. Could that be the problem?If you don\'t know how to set up a database you should contact your host. If all else fails you may find help at the WordPress Support Forums.
' ), htmlspecialchars( $db, ENT_QUOTES ), htmlspecialchars( $this->dbuser, ENT_QUOTES ) ), 'db_select_fail' ); + + $message = '' . sprintf(
+ /* translators: %s: database name */
+ __( 'We were able to connect to the database server (which means your username and password is okay) but not able to select the %s database.' ),
+ '' . htmlspecialchars( $db, ENT_QUOTES ) . ''
+ ) . "
' . htmlspecialchars( $this->dbuser, ENT_QUOTES ) . '',
+ '' . htmlspecialchars( $db, ENT_QUOTES ) . ''
+ ) . "username_%1$s. Could that be the problem?' ),
+ htmlspecialchars( $db, ENT_QUOTES )
+ ). "' . sprintf( + /* translators: %s: support forums URL */ + __( 'If you don’t know how to set up a database you should contact your host. If all else fails you may find help at the WordPress Support Forums.' ), + __( 'https://wordpress.org/support/' ) + ) . "
\n"; + + $this->bail( $message, 'db_select_fail' ); } - return; } } @@ -1061,17 +1073,16 @@ * Use esc_sql() or wpdb::prepare() instead. * * @since 2.8.0 - * @deprecated 3.6.0 + * @deprecated 3.6.0 Use wpdb::prepare() * @see wpdb::prepare * @see esc_sql() - * @access private * * @param string $string * @return string */ function _weak_escape( $string ) { if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) ) - _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' ); + _deprecated_function( __METHOD__, '3.6.0', 'wpdb::prepare() or esc_sql()' ); return addslashes( $string ); } @@ -1081,7 +1092,6 @@ * @see mysqli_real_escape_string() * @see mysql_real_escape_string() * @since 2.8.0 - * @access private * * @param string $string to escape * @return string escaped @@ -1089,19 +1099,22 @@ function _real_escape( $string ) { if ( $this->dbh ) { if ( $this->use_mysqli ) { - return mysqli_real_escape_string( $this->dbh, $string ); + $escaped = mysqli_real_escape_string( $this->dbh, $string ); } else { - return mysql_real_escape_string( $string, $this->dbh ); + $escaped = mysql_real_escape_string( $string, $this->dbh ); } + } else { + $class = get_class( $this ); + if ( function_exists( '__' ) ) { + /* translators: %s: database access abstraction class, usually wpdb or a class extending wpdb */ + _doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), '3.6.0' ); + } else { + _doing_it_wrong( $class, sprintf( '%s must set a database connection for use with escaping.', $class ), '3.6.0' ); + } + $escaped = addslashes( $string ); } - $class = get_class( $this ); - if ( function_exists( '__' ) ) { - _doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), E_USER_NOTICE ); - } else { - _doing_it_wrong( $class, sprintf( '%s must set a database connection for use with escaping.', $class ), E_USER_NOTICE ); - } - return addslashes( $string ); + return $this->add_placeholder_escape( $escaped ); } /** @@ -1109,18 +1122,18 @@ * * @uses wpdb::_real_escape() * @since 2.8.0 - * @access private * * @param string|array $data * @return string|array escaped */ - function _escape( $data ) { + public function _escape( $data ) { if ( is_array( $data ) ) { foreach ( $data as $k => $v ) { - if ( is_array($v) ) + if ( is_array( $v ) ) { $data[$k] = $this->_escape( $v ); - else + } else { $data[$k] = $this->_real_escape( $v ); + } } } else { $data = $this->_real_escape( $data ); @@ -1135,7 +1148,7 @@ * Use esc_sql() or wpdb::prepare() instead. * * @since 0.71 - * @deprecated 3.6.0 + * @deprecated 3.6.0 Use wpdb::prepare() * @see wpdb::prepare() * @see esc_sql() * @@ -1144,7 +1157,7 @@ */ public function escape( $data ) { if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) ) - _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' ); + _deprecated_function( __METHOD__, '3.6.0', 'wpdb::prepare() or esc_sql()' ); if ( is_array( $data ) ) { foreach ( $data as $k => $v ) { if ( is_array( $v ) ) @@ -1163,9 +1176,10 @@ * Escapes content by reference for insertion into the database, for security * * @uses wpdb::_real_escape() + * * @since 2.3.0 + * * @param string $string to escape - * @return void */ public function escape_by_ref( &$string ) { if ( ! is_float( $string ) ) @@ -1175,58 +1189,120 @@ /** * Prepares a SQL query for safe execution. Uses sprintf()-like syntax. * - * The following directives can be used in the query format string: + * The following placeholders can be used in the query string: * %d (integer) * %f (float) * %s (string) - * %% (literal percentage sign - no argument needed) + * + * All placeholders MUST be left unquoted in the query string. A corresponding argument MUST be passed for each placeholder. * - * All of %d, %f, and %s are to be left unquoted in the query string and they need an argument passed for them. - * Literals (%) as parts of the query must be properly written as %%. - * - * This function only supports a small subset of the sprintf syntax; it only supports %d (integer), %f (float), and %s (string). - * Does not support sign, padding, alignment, width or precision specifiers. - * Does not support argument numbering/swapping. + * For compatibility with old behavior, numbered or formatted string placeholders (eg, %1$s, %5s) will not have quotes + * added by this function, so should be passed with appropriate quotes around them for your usage. * - * May be called like {@link http://php.net/sprintf sprintf()} or like {@link http://php.net/vsprintf vsprintf()}. - * - * Both %d and %s should be left unquoted in the query string. + * Literal percentage signs (%) in the query string must be written as %%. Percentage wildcards (for example, + * to use in LIKE syntax) must be passed via a substitution argument containing the complete LIKE string, these + * cannot be inserted directly in the query string. Also see {@see esc_like()}. * - * wpdb::prepare( "SELECT * FROM `table` WHERE `column` = %s AND `field` = %d", 'foo', 1337 ) - * wpdb::prepare( "SELECT DATE_FORMAT(`field`, '%%c') FROM `table` WHERE `column` = %s", 'foo' ); + * Arguments may be passed as individual arguments to the method, or as a single array containing all arguments. A combination + * of the two is not supported. * - * @link http://php.net/sprintf Description of syntax. + * Examples: + * $wpdb->prepare( "SELECT * FROM `table` WHERE `column` = %s AND `field` = %d OR `other_field` LIKE %s", array( 'foo', 1337, '%bar' ) ); + * $wpdb->prepare( "SELECT DATE_FORMAT(`field`, '%%c') FROM `table` WHERE `column` = %s", 'foo' ); + * + * @link https://secure.php.net/sprintf Description of syntax. * @since 2.3.0 * - * @param string $query Query statement with sprintf()-like placeholders - * @param array|mixed $args The array of variables to substitute into the query's placeholders if being called like - * {@link http://php.net/vsprintf vsprintf()}, or the first variable to substitute into the query's placeholders if - * being called like {@link http://php.net/sprintf sprintf()}. - * @param mixed $args,... further variables to substitute into the query's placeholders if being called like - * {@link http://php.net/sprintf sprintf()}. - * @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string - * if there was something to prepare + * @param string $query Query statement with sprintf()-like placeholders + * @param array|mixed $args The array of variables to substitute into the query's placeholders if being called with an array of arguments, + * or the first variable to substitute into the query's placeholders if being called with individual arguments. + * @param mixed $args,... further variables to substitute into the query's placeholders if being called wih individual arguments. + * @return string|void Sanitized query string, if there is a query to prepare. */ public function prepare( $query, $args ) { - if ( is_null( $query ) ) + if ( is_null( $query ) ) { return; + } // This is not meant to be foolproof -- but it will catch obviously incorrect usage. if ( strpos( $query, '%' ) === false ) { - _doing_it_wrong( 'wpdb::prepare', sprintf( __( 'The query argument of %s must have a placeholder.' ), 'wpdb::prepare()' ), '3.9' ); + wp_load_translations_early(); + _doing_it_wrong( 'wpdb::prepare', sprintf( __( 'The query argument of %s must have a placeholder.' ), 'wpdb::prepare()' ), '3.9.0' ); } $args = func_get_args(); array_shift( $args ); - // If args were passed as an array (as in vsprintf), move them up - if ( isset( $args[0] ) && is_array($args[0]) ) + + // If args were passed as an array (as in vsprintf), move them up. + $passed_as_array = false; + if ( is_array( $args[0] ) && count( $args ) == 1 ) { + $passed_as_array = true; $args = $args[0]; - $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it - $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting - $query = preg_replace( '|(?add_placeholder_escape( $query ); } /** @@ -1235,16 +1311,17 @@ * Use this only before wpdb::prepare() or esc_sql(). Reversing the order is very bad for security. * * Example Prepared Statement: - * $wild = '%'; - * $find = 'only 43% of planets'; - * $like = $wild . $wpdb->esc_like( $find ) . $wild; - * $sql = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like ); + * + * $wild = '%'; + * $find = 'only 43% of planets'; + * $like = $wild . $wpdb->esc_like( $find ) . $wild; + * $sql = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like ); * * Example Escape Chain: - * $sql = esc_sql( $wpdb->esc_like( $input ) ); + * + * $sql = esc_sql( $wpdb->esc_like( $input ) ); * * @since 4.0.0 - * @access public * * @param string $text The raw text to be escaped. The input typed by the user should have no * extra or deleted slashes. @@ -1262,7 +1339,7 @@ * @global array $EZSQL_ERROR Stores error information of query and error string * * @param string $str The error to display - * @return false|null False if the showing of errors is disabled. + * @return false|void False if the showing of errors is disabled. */ public function print_error( $str = '' ) { global $EZSQL_ERROR; @@ -1281,10 +1358,13 @@ wp_load_translations_early(); - if ( $caller = $this->get_caller() ) + if ( $caller = $this->get_caller() ) { + /* translators: 1: Database error message, 2: SQL query, 3: Name of the calling function */ $error_str = sprintf( __( 'WordPress database error %1$s for query %2$s made by %3$s' ), $str, $this->last_query, $caller ); - else + } else { + /* translators: 1: Database error message, 2: SQL query */ $error_str = sprintf( __( 'WordPress database error %1$s for query %2$s' ), $str, $this->last_query ); + } error_log( $error_str ); @@ -1294,19 +1374,29 @@ // If there is an error then take note of it if ( is_multisite() ) { - $msg = "WordPress database error: [$str]\n{$this->last_query}\n"; - if ( defined( 'ERRORLOGFILE' ) ) + $msg = sprintf( + "%s [%s]\n%s\n", + __( 'WordPress database error:' ), + $str, + $this->last_query + ); + + if ( defined( 'ERRORLOGFILE' ) ) { error_log( $msg, 3, ERRORLOGFILE ); - if ( defined( 'DIEONDBERROR' ) ) + } + if ( defined( 'DIEONDBERROR' ) ) { wp_die( $msg ); + } } else { $str = htmlspecialchars( $str, ENT_QUOTES ); $query = htmlspecialchars( $this->last_query, ENT_QUOTES ); - print "WordPress database error: [$str]
- $query
%s [%s]%s
This either means that the username and password information in your wp-config.php file is incorrect or we can't contact the database server at %s. This could mean your host's database server is down.
If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress Support Forums.
-" ), htmlspecialchars( $this->dbhost, ENT_QUOTES ) ), 'db_connect_fail' ); + $message = '' . sprintf(
+ /* translators: 1: wp-config.php. 2: database host */
+ __( 'This either means that the username and password information in your %1$s file is incorrect or we can’t contact the database server at %2$s. This could mean your host’s database server is down.' ),
+ 'wp-config.php',
+ '' . htmlspecialchars( $this->dbhost, ENT_QUOTES ) . ''
+ ) . "
' . sprintf( + /* translators: %s: support forums URL */ + __( 'If you’re unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress Support Forums.' ), + __( 'https://wordpress.org/support/' ) + ) . "
\n"; + + $this->bail( $message, 'db_connect_fail' ); return false; } elseif ( $this->dbh ) { @@ -1518,10 +1618,64 @@ } /** - * Check that the connection to the database is still up. If not, try to reconnect. + * Parse the DB_HOST setting to interpret it for mysqli_real_connect. + * + * mysqli_real_connect doesn't support the host param including a port or + * socket like mysql_connect does. This duplicates how mysql_connect detects + * a port and/or socket file. + * + * @since 4.9.0 + * + * @param string $host The DB_HOST setting to parse. + * @return array|bool Array containing the host, the port, the socket and whether + * it is an IPv6 address, in that order. If $host couldn't be parsed, + * returns false. + */ + public function parse_db_host( $host ) { + $port = null; + $socket = null; + $is_ipv6 = false; + + // First peel off the socket parameter from the right, if it exists. + $socket_pos = strpos( $host, ':/' ); + if ( $socket_pos !== false ) { + $socket = substr( $host, $socket_pos + 1 ); + $host = substr( $host, 0, $socket_pos ); + } + + // We need to check for an IPv6 address first. + // An IPv6 address will always contain at least two colons. + if ( substr_count( $host, ':' ) > 1 ) { + $pattern = '#^(?:\[)?(?P' . sprintf(
+ /* translators: %s: database host */
+ __( 'This means that we lost contact with the database server at %s. This could mean your host’s database server is down.' ),
+ '' . htmlspecialchars( $this->dbhost, ENT_QUOTES ) . ''
+ ) . "
' . sprintf( + /* translators: %s: support forums URL */ + __( 'If you’re unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress Support Forums.' ), + __( 'https://wordpress.org/support/' ) + ) . "
\n"; + // We weren't able to reconnect, so we better bail. - $this->bail( sprintf( ( " -This means that we lost contact with the database server at %s. This could mean your host's database server is down.
If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress Support Forums.
-" ), htmlspecialchars( $this->dbhost, ENT_QUOTES ) ), 'db_connect_fail' ); + $this->bail( $message, 'db_connect_fail' ); // Call dead_db() if bail didn't die, because this database is no more. It has ceased to be (at least temporarily). dead_db(); @@ -1610,7 +1777,7 @@ } /** - * Filter the database query. + * Filters the database query. * * Some queries are made before the plugins have been loaded, * and thus cannot be filtered with this method. @@ -1640,18 +1807,28 @@ $this->check_current_query = true; - // Keep track of the last query for debug.. + // Keep track of the last query for debug. $this->last_query = $query; $this->_do_query( $query ); - // MySQL server has gone away, try to reconnect + // MySQL server has gone away, try to reconnect. $mysql_errno = 0; if ( ! empty( $this->dbh ) ) { if ( $this->use_mysqli ) { - $mysql_errno = mysqli_errno( $this->dbh ); + if ( $this->dbh instanceof mysqli ) { + $mysql_errno = mysqli_errno( $this->dbh ); + } else { + // $dbh is defined, but isn't a real connection. + // Something has gone horribly wrong, let's try a reconnect. + $mysql_errno = 2006; + } } else { - $mysql_errno = mysql_errno( $this->dbh ); + if ( is_resource( $this->dbh ) ) { + $mysql_errno = mysql_errno( $this->dbh ); + } else { + $mysql_errno = 2006; + } } } @@ -1664,11 +1841,19 @@ } } - // If there is an error then take note of it.. + // If there is an error then take note of it. if ( $this->use_mysqli ) { - $this->last_error = mysqli_error( $this->dbh ); + if ( $this->dbh instanceof mysqli ) { + $this->last_error = mysqli_error( $this->dbh ); + } else { + $this->last_error = __( 'Unable to retrieve the error message from MySQL' ); + } } else { - $this->last_error = mysql_error( $this->dbh ); + if ( is_resource( $this->dbh ) ) { + $this->last_error = mysql_error( $this->dbh ); + } else { + $this->last_error = __( 'Unable to retrieve the error message from MySQL' ); + } } if ( $this->last_error ) { @@ -1701,12 +1886,12 @@ } else { $num_rows = 0; if ( $this->use_mysqli && $this->result instanceof mysqli_result ) { - while ( $row = @mysqli_fetch_object( $this->result ) ) { + while ( $row = mysqli_fetch_object( $this->result ) ) { $this->last_result[$num_rows] = $row; $num_rows++; } } elseif ( is_resource( $this->result ) ) { - while ( $row = @mysql_fetch_object( $this->result ) ) { + while ( $row = mysql_fetch_object( $this->result ) ) { $this->last_result[$num_rows] = $row; $num_rows++; } @@ -1726,7 +1911,6 @@ * * @since 3.9.0 * - * @access private * @see wpdb::query() * * @param string $query The query to run. @@ -1736,10 +1920,10 @@ $this->timer_start(); } - if ( $this->use_mysqli ) { - $this->result = @mysqli_query( $this->dbh, $query ); - } else { - $this->result = @mysql_query( $query, $this->dbh ); + if ( ! empty( $this->dbh ) && $this->use_mysqli ) { + $this->result = mysqli_query( $this->dbh, $query ); + } elseif ( ! empty( $this->dbh ) ) { + $this->result = mysql_query( $query, $this->dbh ); } $this->num_queries++; @@ -1749,6 +1933,64 @@ } /** + * Generates and returns a placeholder escape string for use in queries returned by ::prepare(). + * + * @since 4.8.3 + * + * @return string String to escape placeholders. + */ + public function placeholder_escape() { + static $placeholder; + + if ( ! $placeholder ) { + // If ext/hash is not present, compat.php's hash_hmac() does not support sha256. + $algo = function_exists( 'hash' ) ? 'sha256' : 'sha1'; + // Old WP installs may not have AUTH_SALT defined. + $salt = defined( 'AUTH_SALT' ) && AUTH_SALT ? AUTH_SALT : (string) rand(); + + $placeholder = '{' . hash_hmac( $algo, uniqid( $salt, true ), $salt ) . '}'; + } + + /* + * Add the filter to remove the placeholder escaper. Uses priority 0, so that anything + * else attached to this filter will recieve the query with the placeholder string removed. + */ + if ( ! has_filter( 'query', array( $this, 'remove_placeholder_escape' ) ) ) { + add_filter( 'query', array( $this, 'remove_placeholder_escape' ), 0 ); + } + + return $placeholder; + } + + /** + * Adds a placeholder escape string, to escape anything that resembles a printf() placeholder. + * + * @since 4.8.3 + * + * @param string $query The query to escape. + * @return string The query with the placeholder escape string inserted where necessary. + */ + public function add_placeholder_escape( $query ) { + /* + * To prevent returning anything that even vaguely resembles a placeholder, + * we clobber every % we can find. + */ + return str_replace( '%', $this->placeholder_escape(), $query ); + } + + /** + * Removes the placeholder escape strings from a query. + * + * @since 4.8.3 + * + * @param string $query The query from which the placeholder will be removed. + * @return string The query with the placeholder removed. + */ + public function remove_placeholder_escape( $query ) { + return str_replace( $this->placeholder_escape(), '%', $query ); + } + + /** * Insert a row into a table. * * wpdb::insert( 'table', array( 'column' => 'foo', 'field' => 'bar' ) ) @@ -1759,10 +2001,14 @@ * @see wpdb::$field_types * @see wp_set_wpdb_vars() * - * @param string $table table name - * @param array $data Data to insert (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped). - * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. If string, that format will be used for all of the values in $data. - * A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. + * @param string $table Table name + * @param array $data Data to insert (in column => value pairs). + * Both $data columns and $data values should be "raw" (neither should be SQL escaped). + * Sending a null value will cause the column to be set to NULL - the corresponding format is ignored in this case. + * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. + * If string, that format will be used for all of the values in $data. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. * @return int|false The number of rows inserted, or false on error. */ public function insert( $table, $data, $format = null ) { @@ -1780,10 +2026,14 @@ * @see wpdb::$field_types * @see wp_set_wpdb_vars() * - * @param string $table table name - * @param array $data Data to insert (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped). - * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. If string, that format will be used for all of the values in $data. - * A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. + * @param string $table Table name + * @param array $data Data to insert (in column => value pairs). + * Both $data columns and $data values should be "raw" (neither should be SQL escaped). + * Sending a null value will cause the column to be set to NULL - the corresponding format is ignored in this case. + * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. + * If string, that format will be used for all of the values in $data. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. * @return int|false The number of rows affected, or false on error. */ public function replace( $table, $data, $format = null ) { @@ -1795,17 +2045,20 @@ * * Runs an insert or replace query based on $type argument. * - * @access private * @since 3.0.0 * @see wpdb::prepare() * @see wpdb::$field_types * @see wp_set_wpdb_vars() * - * @param string $table table name - * @param array $data Data to insert (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped). - * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. If string, that format will be used for all of the values in $data. - * A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. - * @param string $type Optional. What type of operation is this? INSERT or REPLACE. Defaults to INSERT. + * @param string $table Table name + * @param array $data Data to insert (in column => value pairs). + * Both $data columns and $data values should be "raw" (neither should be SQL escaped). + * Sending a null value will cause the column to be set to NULL - the corresponding format is ignored in this case. + * @param array|string $format Optional. An array of formats to be mapped to each of the value in $data. + * If string, that format will be used for all of the values in $data. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. + * @param string $type Optional. What type of operation is this? INSERT or REPLACE. Defaults to INSERT. * @return int|false The number of rows affected, or false on error. */ function _insert_replace_helper( $table, $data, $format = null, $type = 'INSERT' ) { @@ -1822,6 +2075,11 @@ $formats = $values = array(); foreach ( $data as $value ) { + if ( is_null( $value['value'] ) ) { + $formats[] = 'NULL'; + continue; + } + $formats[] = $value['format']; $values[] = $value['value']; } @@ -1846,12 +2104,23 @@ * @see wpdb::$field_types * @see wp_set_wpdb_vars() * - * @param string $table table name - * @param array $data Data to update (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped). - * @param array $where A named array of WHERE clauses (in column => value pairs). Multiple clauses will be joined with ANDs. Both $where columns and $where values should be "raw". - * @param array|string $format Optional. An array of formats to be mapped to each of the values in $data. If string, that format will be used for all of the values in $data. - * A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. - * @param array|string $where_format Optional. An array of formats to be mapped to each of the values in $where. If string, that format will be used for all of the items in $where. A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $where will be treated as strings. + * @param string $table Table name + * @param array $data Data to update (in column => value pairs). + * Both $data columns and $data values should be "raw" (neither should be SQL escaped). + * Sending a null value will cause the column to be set to NULL - the corresponding + * format is ignored in this case. + * @param array $where A named array of WHERE clauses (in column => value pairs). + * Multiple clauses will be joined with ANDs. + * Both $where columns and $where values should be "raw". + * Sending a null value will create an IS NULL comparison - the corresponding format will be ignored in this case. + * @param array|string $format Optional. An array of formats to be mapped to each of the values in $data. + * If string, that format will be used for all of the values in $data. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types. + * @param array|string $where_format Optional. An array of formats to be mapped to each of the values in $where. + * If string, that format will be used for all of the items in $where. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $where will be treated as strings. * @return int|false The number of rows updated, or false on error. */ public function update( $table, $data, $where, $format = null, $where_format = null ) { @@ -1870,10 +2139,20 @@ $fields = $conditions = $values = array(); foreach ( $data as $field => $value ) { + if ( is_null( $value['value'] ) ) { + $fields[] = "`$field` = NULL"; + continue; + } + $fields[] = "`$field` = " . $value['format']; $values[] = $value['value']; } foreach ( $where as $field => $value ) { + if ( is_null( $value['value'] ) ) { + $conditions[] = "`$field` IS NULL"; + continue; + } + $conditions[] = "`$field` = " . $value['format']; $values[] = $value['value']; } @@ -1898,9 +2177,15 @@ * @see wpdb::$field_types * @see wp_set_wpdb_vars() * - * @param string $table table name - * @param array $where A named array of WHERE clauses (in column => value pairs). Multiple clauses will be joined with ANDs. Both $where columns and $where values should be "raw". - * @param array|string $where_format Optional. An array of formats to be mapped to each of the values in $where. If string, that format will be used for all of the items in $where. A format is one of '%d', '%f', '%s' (integer, float, string). If omitted, all values in $where will be treated as strings unless otherwise specified in wpdb::$field_types. + * @param string $table Table name + * @param array $where A named array of WHERE clauses (in column => value pairs). + * Multiple clauses will be joined with ANDs. + * Both $where columns and $where values should be "raw". + * Sending a null value will create an IS NULL comparison - the corresponding format will be ignored in this case. + * @param array|string $where_format Optional. An array of formats to be mapped to each of the values in $where. + * If string, that format will be used for all of the items in $where. + * A format is one of '%d', '%f', '%s' (integer, float, string). + * If omitted, all values in $where will be treated as strings unless otherwise specified in wpdb::$field_types. * @return int|false The number of rows updated, or false on error. */ public function delete( $table, $where, $where_format = null ) { @@ -1915,6 +2200,11 @@ $conditions = $values = array(); foreach ( $where as $field => $value ) { + if ( is_null( $value['value'] ) ) { + $conditions[] = "`$field` IS NULL"; + continue; + } + $conditions[] = "`$field` = " . $value['format']; $values[] = $value['value']; } @@ -1937,12 +2227,11 @@ * stripped, then field processing is rejected and the query fails. * * @since 4.2.0 - * @access protected * * @param string $table Table name. * @param array $data Field/value pair. * @param mixed $format Format for each field. - * @return array|bool Returns an array of fields that contain paired values + * @return array|false Returns an array of fields that contain paired values * and formats. Returns false for invalid values. */ protected function process_fields( $table, $data, $format ) { @@ -1974,7 +2263,6 @@ * Prepares arrays of value/format pairs as passed to wpdb CRUD methods. * * @since 4.2.0 - * @access protected * * @param array $data Array of fields to values. * @param mixed $format Formats to be mapped to the values in $data. @@ -2010,17 +2298,18 @@ * the wpdb::process_field_formats() method. * * @since 4.2.0 - * @access protected * * @param array $data As it comes from the wpdb::process_field_formats() method. * @param string $table Table name. - * @return The same array as $data with additional 'charset' keys. + * @return array|false The same array as $data with additional 'charset' keys. */ protected function process_field_charsets( $data, $table ) { foreach ( $data as $field => $value ) { if ( '%d' === $value['format'] || '%f' === $value['format'] ) { - // We can skip this field if we know it isn't a string. - // This checks %d/%f versus ! %s because it's sprintf() could take more. + /* + * We can skip this field if we know it isn't a string. + * This checks %d/%f versus ! %s because its sprintf() could take more. + */ $value['charset'] = false; } else { $value['charset'] = $this->get_col_charset( $table, $field ); @@ -2039,18 +2328,19 @@ * For string fields, record the maximum string length that field can safely save. * * @since 4.2.1 - * @access protected * * @param array $data As it comes from the wpdb::process_field_charsets() method. * @param string $table Table name. - * @return array|False The same array as $data with additional 'length' keys, or false if + * @return array|false The same array as $data with additional 'length' keys, or false if * any of the values were too long for their corresponding field. */ protected function process_field_lengths( $data, $table ) { foreach ( $data as $field => $value ) { if ( '%d' === $value['format'] || '%f' === $value['format'] ) { - // We can skip this field if we know it isn't a string. - // This checks %d/%f versus ! %s because it's sprintf() could take more. + /* + * We can skip this field if we know it isn't a string. + * This checks %d/%f versus ! %s because its sprintf() could take more. + */ $value['length'] = false; } else { $value['length'] = $this->get_col_length( $table, $field ); @@ -2075,14 +2365,14 @@ * @since 0.71 * * @param string|null $query Optional. SQL query. Defaults to null, use the result from the previous query. - * @param int $x Optional. Column of value to return. Indexed from 0. - * @param int $y Optional. Row of value to return. Indexed from 0. + * @param int $x Optional. Column of value to return. Indexed from 0. + * @param int $y Optional. Row of value to return. Indexed from 0. * @return string|null Database query result (as string), or null on failure */ public function get_var( $query = null, $x = 0, $y = 0 ) { $this->func_call = "\$db->get_var(\"$query\", $x, $y)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2106,16 +2396,16 @@ * * @since 0.71 * - * @param string|null $query SQL query. - * @param string $output Optional. one of ARRAY_A | ARRAY_N | OBJECT constants. Return an associative array (column => value, ...), - * a numerically indexed array (0 => value, ...) or an object ( ->column = value ), respectively. - * @param int $y Optional. Row to return. Indexed from 0. - * @return mixed Database query result in format specified by $output or null on failure + * @param string|null $query SQL query. + * @param string $output Optional. The required return type. One of OBJECT, ARRAY_A, or ARRAY_N, which correspond to + * an stdClass object, an associative array, or a numeric array, respectively. Default OBJECT. + * @param int $y Optional. Row to return. Indexed from 0. + * @return array|object|null|void Database query result in format specified by $output or null on failure */ public function get_row( $query = null, $output = OBJECT, $y = 0 ) { $this->func_call = "\$db->get_row(\"$query\",$output,$y)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2152,11 +2442,11 @@ * @since 0.71 * * @param string|null $query Optional. SQL query. Defaults to previous query. - * @param int $x Optional. Column to return. Indexed from 0. + * @param int $x Optional. Column to return. Indexed from 0. * @return array Database query result. Array indexed from 0 by SQL result row number. */ public function get_col( $query = null , $x = 0 ) { - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2179,16 +2469,18 @@ * * @since 0.71 * - * @param string $query SQL query. - * @param string $output Optional. Any of ARRAY_A | ARRAY_N | OBJECT | OBJECT_K constants. With one of the first three, return an array of rows indexed from 0 by SQL result row number. - * Each row is an associative array (column => value, ...), a numerically indexed array (0 => value, ...), or an object. ( ->column = value ), respectively. - * With OBJECT_K, return an associative array of row objects keyed by the value of each row's first column's value. Duplicate keys are discarded. - * @return mixed Database query results + * @param string $query SQL query. + * @param string $output Optional. Any of ARRAY_A | ARRAY_N | OBJECT | OBJECT_K constants. + * With one of the first three, return an array of rows indexed from 0 by SQL result row number. + * Each row is an associative array (column => value, ...), a numerically indexed array (0 => value, ...), or an object. ( ->column = value ), respectively. + * With OBJECT_K, return an associative array of row objects keyed by the value of each row's first column's value. + * Duplicate keys are discarded. + * @return array|object|null Database query results */ public function get_results( $query = null, $output = OBJECT ) { $this->func_call = "\$db->get_results(\"$query\", $output)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2215,7 +2507,7 @@ } elseif ( $output == ARRAY_A || $output == ARRAY_N ) { // Return an integer-keyed array of... if ( $this->last_result ) { - foreach( (array) $this->last_result as $row ) { + foreach ( (array) $this->last_result as $row ) { if ( $output == ARRAY_N ) { // ...integer-keyed row arrays $new_array[] = array_values( get_object_vars( $row ) ); @@ -2237,7 +2529,6 @@ * Retrieves the character set for the given table. * * @since 4.2.0 - * @access protected * * @param string $table Table name. * @return string|WP_Error Table character set, WP_Error object if it couldn't be found. @@ -2246,7 +2537,7 @@ $tablekey = strtolower( $table ); /** - * Filter the table charset value before the DB is checked. + * Filters the table charset value before the DB is checked. * * Passing a non-null value to the filter will effectively short-circuit * checking the DB for the charset, returning that value instead. @@ -2338,19 +2629,18 @@ * Retrieves the character set for the given column. * * @since 4.2.0 - * @access public * * @param string $table Table name. * @param string $column Column name. - * @return mixed Column character set as a string. False if the column has no - * character set. WP_Error object if there was an error. + * @return string|false|WP_Error Column character set as a string. False if the column has no + * character set. WP_Error object if there was an error. */ public function get_col_charset( $table, $column ) { $tablekey = strtolower( $table ); $columnkey = strtolower( $column ); /** - * Filter the column charset value before the DB is checked. + * Filters the column charset value before the DB is checked. * * Passing a non-null value to the filter will short-circuit * checking the DB for the charset, returning that value instead. @@ -2367,7 +2657,7 @@ } // Skip this entirely if this isn't a MySQL database. - if ( false === $this->is_mysql ) { + if ( empty( $this->is_mysql ) ) { return false; } @@ -2403,20 +2693,19 @@ * The length may either be specified as a byte length or a character length. * * @since 4.2.1 - * @access public * * @param string $table Table name. * @param string $column Column name. - * @return mixed array( 'length' => (int), 'type' => 'byte' | 'char' ) - * false if the column has no length (for example, numeric column) - * WP_Error object if there was an error. + * @return array|false|WP_Error array( 'length' => (int), 'type' => 'byte' | 'char' ) + * false if the column has no length (for example, numeric column) + * WP_Error object if there was an error. */ public function get_col_length( $table, $column ) { $tablekey = strtolower( $table ); $columnkey = strtolower( $column ); // Skip this entirely if this isn't a MySQL database. - if ( false === $this->is_mysql ) { + if ( empty( $this->is_mysql ) ) { return false; } @@ -2448,47 +2737,45 @@ 'type' => 'char', 'length' => (int) $length, ); - break; + case 'binary': case 'varbinary': return array( 'type' => 'byte', 'length' => (int) $length, ); - break; + case 'tinyblob': case 'tinytext': return array( 'type' => 'byte', 'length' => 255, // 2^8 - 1 ); - break; + case 'blob': case 'text': return array( 'type' => 'byte', 'length' => 65535, // 2^16 - 1 ); - break; + case 'mediumblob': case 'mediumtext': return array( 'type' => 'byte', 'length' => 16777215, // 2^24 - 1 ); - break; + case 'longblob': case 'longtext': return array( 'type' => 'byte', 'length' => 4294967295, // 2^32 - 1 ); - break; + default: return false; } - - return false; } /** @@ -2498,7 +2785,6 @@ * the search to finish as soon as it encounters a non-ASCII character. * * @since 4.2.0 - * @access protected * * @param string $string String to check. * @return bool True if ASCII, false if not. @@ -2519,7 +2805,6 @@ * Check if the query is accessing a collation considered safe on the current version of MySQL. * * @since 4.2.0 - * @access protected * * @param string $query The query to check. * @return bool True if the collation is safe, false if it isn't. @@ -2560,7 +2845,7 @@ } // If any of the columns don't have one of these collations, it needs more sanity checking. - foreach( $this->col_meta[ $table ] as $col ) { + foreach ( $this->col_meta[ $table ] as $col ) { if ( empty( $col->Collation ) ) { continue; } @@ -2577,7 +2862,6 @@ * Strips any invalid characters based on value/charset pairs. * * @since 4.2.0 - * @access protected * * @param array $data Array of value arrays. Each value array has the keys * 'value' and 'charset'. An optional 'ascii' key can be @@ -2595,8 +2879,13 @@ if ( is_array( $value['length'] ) ) { $length = $value['length']['length']; + $truncate_by_byte_length = 'byte' === $value['length']['type']; } else { $length = false; + // Since we have no length, we'll never truncate. + // Initialize the variable to false. true would take us + // through an unnecessary (for this case) codepath below. + $truncate_by_byte_length = false; } // There's no charset to work with. @@ -2609,8 +2898,6 @@ continue; } - $truncate_by_byte_length = 'byte' === $value['length']['type']; - $needs_validation = true; if ( // latin1 can store any byte sequence @@ -2676,56 +2963,56 @@ $queries = array(); foreach ( $data as $col => $value ) { if ( ! empty( $value['db'] ) ) { - if ( ! isset( $queries[ $value['charset'] ] ) ) { - $queries[ $value['charset'] ] = array(); - } - // We're going to need to truncate by characters or bytes, depending on the length value we have. if ( 'byte' === $value['length']['type'] ) { - // Split the CONVERT() calls by charset, so we can make sure the connection is right - $queries[ $value['charset'] ][ $col ] = $this->prepare( "CONVERT( LEFT( CONVERT( %s USING binary ), %d ) USING {$value['charset']} )", $value['value'], $value['length']['length'] ); + // Using binary causes LEFT() to truncate by bytes. + $charset = 'binary'; + } else { + $charset = $value['charset']; + } + + if ( $this->charset ) { + $connection_charset = $this->charset; } else { - $queries[ $value['charset'] ][ $col ] = $this->prepare( "LEFT( CONVERT( %s USING {$value['charset']} ), %d )", $value['value'], $value['length']['length'] ); + if ( $this->use_mysqli ) { + $connection_charset = mysqli_character_set_name( $this->dbh ); + } else { + $connection_charset = mysql_client_encoding(); + } + } + + if ( is_array( $value['length'] ) ) { + $length = sprintf( '%.0f', $value['length']['length'] ); + $queries[ $col ] = $this->prepare( "CONVERT( LEFT( CONVERT( %s USING $charset ), $length ) USING $connection_charset )", $value['value'] ); + } else if ( 'binary' !== $charset ) { + // If we don't have a length, there's no need to convert binary - it will always return the same result. + $queries[ $col ] = $this->prepare( "CONVERT( CONVERT( %s USING $charset ) USING $connection_charset )", $value['value'] ); } unset( $data[ $col ]['db'] ); } } - $connection_charset = $this->charset; - foreach ( $queries as $charset => $query ) { + $sql = array(); + foreach ( $queries as $column => $query ) { if ( ! $query ) { continue; } - // Change the charset to match the string(s) we're converting - if ( $charset !== $connection_charset ) { - $connection_charset = $charset; - $this->set_charset( $this->dbh, $charset ); - } - - $this->check_current_query = false; - - $sql = array(); - foreach ( $query as $column => $column_query ) { - $sql[] = $column_query . " AS x_$column"; - } - - $row = $this->get_row( "SELECT " . implode( ', ', $sql ), ARRAY_A ); - if ( ! $row ) { - $this->set_charset( $this->dbh, $connection_charset ); - return new WP_Error( 'wpdb_strip_invalid_text_failure' ); - } - - foreach ( array_keys( $query ) as $column ) { + $sql[] = $query . " AS x_$column"; + } + + $this->check_current_query = false; + $row = $this->get_row( "SELECT " . implode( ', ', $sql ), ARRAY_A ); + if ( ! $row ) { + return new WP_Error( 'wpdb_strip_invalid_text_failure' ); + } + + foreach ( array_keys( $data ) as $column ) { + if ( isset( $row["x_$column"] ) ) { $data[ $column ]['value'] = $row["x_$column"]; } } - - // Don't forget to change the charset back! - if ( $connection_charset !== $this->charset ) { - $this->set_charset( $this->dbh ); - } } return $data; @@ -2735,7 +3022,6 @@ * Strips any invalid characters from the query. * * @since 4.2.0 - * @access protected * * @param string $query Query to convert. * @return string|WP_Error The converted query, or a WP_Error object if the conversion fails. @@ -2781,7 +3067,6 @@ * Strips any invalid characters from the string for a given table and column. * * @since 4.2.0 - * @access public * * @param string $table Table name. * @param string $column Column name. @@ -2822,7 +3107,6 @@ * Find the first table name referenced in a query. * * @since 4.2.0 - * @access protected * * @param string $query The query to search. * @return string|false $table The table name found, or false if a table couldn't be found. @@ -2834,11 +3118,8 @@ // Allow (select...) union [...] style queries. Use the first query's table name. $query = ltrim( $query, "\r\n\t (" ); - /* - * Strip everything between parentheses except nested selects and use only 1,000 - * chars of the query. - */ - $query = preg_replace( '/\((?!\s*select)[^(]*?\)/is', '()', substr( $query, 0, 1000 ) ); + // Strip everything between parentheses except nested selects. + $query = preg_replace( '/\((?!\s*select)[^(]*?\)/is', '()', $query ); // Quickly match most common queries. if ( preg_match( '/^\s*(?:' @@ -2846,17 +3127,23 @@ . '|INSERT(?:\s+LOW_PRIORITY|\s+DELAYED|\s+HIGH_PRIORITY)?(?:\s+IGNORE)?(?:\s+INTO)?' . '|REPLACE(?:\s+LOW_PRIORITY|\s+DELAYED)?(?:\s+INTO)?' . '|UPDATE(?:\s+LOW_PRIORITY)?(?:\s+IGNORE)?' - . '|DELETE(?:\s+LOW_PRIORITY|\s+QUICK|\s+IGNORE)*(?:\s+FROM)?' - . ')\s+((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)/is', $query, $maybe ) ) { + . '|DELETE(?:\s+LOW_PRIORITY|\s+QUICK|\s+IGNORE)*(?:.+?FROM)?' + . ')\s+((?:[0-9a-zA-Z$_.`-]|[\xC2-\xDF][\x80-\xBF])+)/is', $query, $maybe ) ) { return str_replace( '`', '', $maybe[1] ); } - // SHOW TABLE STATUS and SHOW TABLES - if ( preg_match( '/^\s*(?:' - . 'SHOW\s+TABLE\s+STATUS.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' - . '|SHOW\s+(?:FULL\s+)?TABLES.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)' - . ')\W((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)\W/is', $query, $maybe ) ) { - return str_replace( '`', '', $maybe[1] ); + // SHOW TABLE STATUS and SHOW TABLES WHERE Name = 'wp_posts' + if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES).+WHERE\s+Name\s*=\s*("|\')((?:[0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)\\1/is', $query, $maybe ) ) { + return $maybe[2]; + } + + // SHOW TABLE STATUS LIKE and SHOW TABLES LIKE 'wp\_123\_%' + // This quoted LIKE operand seldom holds a full table name. + // It is usually a pattern for matching a prefix so we just + // strip the trailing % and unescape the _ to get 'wp_123_' + // which drop-ins can use for routing these SQL statements. + if ( preg_match( '/^\s*SHOW\s+(?:TABLE\s+STATUS|(?:FULL\s+)?TABLES)\s+(?:WHERE\s+Name\s+)?LIKE\s*("|\')((?:[\\\\0-9a-zA-Z$_.-]|[\xC2-\xDF][\x80-\xBF])+)%?\\1/is', $query, $maybe ) ) { + return str_replace( '\\_', '_', $maybe[2] ); } // Big pattern for the rest of the table-related queries. @@ -2874,7 +3161,7 @@ . '|LOAD\s+DATA.*INFILE.*INTO\s+TABLE' . '|(?:GRANT|REVOKE).*ON\s+TABLE' . '|SHOW\s+(?:.*FROM|.*TABLE)' - . ')\s+\(*\s*((?:[0-9a-zA-Z$_.`]|[\xC2-\xDF][\x80-\xBF])+)\s*\)*/is', $query, $maybe ) ) { + . ')\s+\(*\s*((?:[0-9a-zA-Z$_.`-]|[\xC2-\xDF][\x80-\xBF])+)\s*\)*/is', $query, $maybe ) ) { return str_replace( '`', '', $maybe[1] ); } @@ -2886,19 +3173,20 @@ * * @since 3.5.0 * - * @access protected */ protected function load_col_info() { if ( $this->col_info ) return; if ( $this->use_mysqli ) { - for ( $i = 0; $i < @mysqli_num_fields( $this->result ); $i++ ) { - $this->col_info[ $i ] = @mysqli_fetch_field( $this->result ); + $num_fields = mysqli_num_fields( $this->result ); + for ( $i = 0; $i < $num_fields; $i++ ) { + $this->col_info[ $i ] = mysqli_fetch_field( $this->result ); } } else { - for ( $i = 0; $i < @mysql_num_fields( $this->result ); $i++ ) { - $this->col_info[ $i ] = @mysql_fetch_field( $this->result, $i ); + $num_fields = mysql_num_fields( $this->result ); + for ( $i = 0; $i < $num_fields; $i++ ) { + $this->col_info[ $i ] = mysql_fetch_field( $this->result, $i ); } } } @@ -2908,8 +3196,8 @@ * * @since 0.71 * - * @param string $info_type Optional. Type one of name, table, def, max_length, not_null, primary_key, multiple_key, unique_key, numeric, blob, type, unsigned, zerofill - * @param int $col_offset Optional. 0: col name. 1: which table the col's in. 2: col's max length. 3: if the col is numeric. 4: col's type + * @param string $info_type Optional. Type one of name, table, def, max_length, not_null, primary_key, multiple_key, unique_key, numeric, blob, type, unsigned, zerofill + * @param int $col_offset Optional. 0: col name. 1: which table the col's in. 2: col's max length. 3: if the col is numeric. 4: col's type * @return mixed Column Results */ public function get_col_info( $info_type = 'name', $col_offset = -1 ) { @@ -2919,7 +3207,7 @@ if ( $col_offset == -1 ) { $i = 0; $new_array = array(); - foreach( (array) $this->col_info as $col ) { + foreach ( (array) $this->col_info as $col ) { $new_array[$i] = $col->{$info_type}; $i++; } @@ -2935,7 +3223,7 @@ * * @since 1.5.0 * - * @return bool + * @return true */ public function timer_start() { $this->time_start = microtime( true ); @@ -2960,35 +3248,68 @@ * * @since 1.5.0 * - * @param string $message The Error message + * @param string $message The Error message * @param string $error_code Optional. A Computer readable string to identify the error. * @return false|void */ public function bail( $message, $error_code = '500' ) { if ( !$this->show_errors ) { - if ( class_exists( 'WP_Error' ) ) + if ( class_exists( 'WP_Error', false ) ) { $this->error = new WP_Error($error_code, $message); - else + } else { $this->error = $message; + } return false; } wp_die($message); } + + /** + * Closes the current database connection. + * + * @since 4.5.0 + * + * @return bool True if the connection was successfully closed, false if it wasn't, + * or the connection doesn't exist. + */ + public function close() { + if ( ! $this->dbh ) { + return false; + } + + if ( $this->use_mysqli ) { + $closed = mysqli_close( $this->dbh ); + } else { + $closed = mysql_close( $this->dbh ); + } + + if ( $closed ) { + $this->dbh = null; + $this->ready = false; + $this->has_connected = false; + } + + return $closed; + } + /** * Whether MySQL database is at least the required minimum version. * * @since 2.5.0 - * @uses $wp_version - * @uses $required_mysql_version * - * @return WP_Error + * @global string $wp_version + * @global string $required_mysql_version + * + * @return WP_Error|void */ public function check_database_version() { global $wp_version, $required_mysql_version; // Make sure the server has the required MySQL version - if ( version_compare($this->db_version(), $required_mysql_version, '<') ) + if ( version_compare($this->db_version(), $required_mysql_version, '<') ) { + /* translators: 1: WordPress version number, 2: Minimum required MySQL version number */ return new WP_Error('database_version', sprintf( __( 'ERROR: WordPress %1$s requires MySQL %2$s or higher' ), $wp_version, $required_mysql_version )); + } } /** @@ -2996,14 +3317,15 @@ * * Called when WordPress is generating the table scheme. * + * Use `wpdb::has_cap( 'collation' )`. + * * @since 2.5.0 - * @deprecated 3.5.0 - * @deprecated Use wpdb::has_cap( 'collation' ) + * @deprecated 3.5.0 Use wpdb::has_cap() * * @return bool True if collation is supported, false if version does not */ public function supports_collation() { - _deprecated_function( __FUNCTION__, '3.5', 'wpdb::has_cap( \'collation\' )' ); + _deprecated_function( __FUNCTION__, '3.5.0', 'wpdb::has_cap( \'collation\' )' ); return $this->has_cap( 'collation' ); } @@ -3029,14 +3351,15 @@ * Determine if a database supports a particular feature. * * @since 2.7.0 - * @since 4.1.0 Support was added for the 'utf8mb4' feature. + * @since 4.1.0 Added support for the 'utf8mb4' feature. + * @since 4.6.0 Added support for the 'utf8mb4_520' feature. * * @see wpdb::db_version() * * @param string $db_cap The feature to check for. Accepts 'collation', * 'group_concat', 'subqueries', 'set_charset', - * or 'utf8mb4'. - * @return bool Whether the database feature is supported, false otherwise. + * 'utf8mb4', or 'utf8mb4_520'. + * @return int|false Whether the database feature is supported, false otherwise. */ public function has_cap( $db_cap ) { $version = $this->db_version(); @@ -3068,6 +3391,8 @@ } else { return version_compare( $client_version, '5.5.3', '>=' ); } + case 'utf8mb4_520' : // @since 4.6.0 + return version_compare( $version, '5.6', '>=' ); } return false; @@ -3081,14 +3406,14 @@ * * @since 2.5.0 * - * @return string The name of the calling function + * @return string|array The name of the calling function */ public function get_caller() { return wp_debug_backtrace_summary( __CLASS__ ); } /** - * The database version number. + * Retrieves the MySQL server version. * * @since 2.7.0 *