From c7f8735698c3b3d099333041a5ef7381edb54bd4 Mon Sep 17 00:00:00 2001
From: Gary Pendergast <pento@git.wordpress.org>
Date: Fri, 27 May 2016 01:53:09 +0000
Subject: [PATCH] Setup: Sanity check for invalid table prefixes.

There are some table prefixes (for example, `7e1_`), which MySQL will try and parse as values when they're note quoted in backticks. Because not everything remembers to quote their table names, it's best if we just discourage their use during setup.

Fixes #36422.



git-svn-id: https://develop.svn.wordpress.org/trunk@37581 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/setup-config.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/wp-admin/setup-config.php b/src/wp-admin/setup-config.php
index 32c173df50..1ad40fcb6a 100644
--- a/src/wp-admin/setup-config.php
+++ b/src/wp-admin/setup-config.php
@@ -278,6 +278,12 @@ switch($step) {
 	if ( ! empty( $wpdb->error ) )
 		wp_die( $wpdb->error->get_error_message() . $tryagain_link );
 
+	$wpdb->query( "SELECT $prefix" );
+	if ( ! $wpdb->last_error ) {
+		// MySQL was able to parse the prefix as a value, which we don't want. Bail.
+		wp_die( __( '<strong>ERROR</strong>: "Table Prefix" is invalid.' ) );
+	}
+
 	// Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password().
 	try {
 		$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|';