WPDB: Force STRICT_ALL_TABLES to be enabled as soon as we connect to the MySQL server.

This improves data integrity when inserting and updating rows in the database, particularly when trying to insert emoji into posts stored with character sets that don't support emoji.

See #21212.


git-svn-id: https://develop.svn.wordpress.org/trunk@30400 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Gary Pendergast 2014-11-20 01:45:10 +00:00
parent 4a4c9d7667
commit cabcace53c
2 changed files with 187 additions and 43 deletions

View File

@ -566,8 +566,16 @@ class wpdb {
* @access protected * @access protected
* @var array * @var array
*/ */
protected $incompatible_modes = array( 'NO_ZERO_DATE', 'ONLY_FULL_GROUP_BY', protected $incompatible_modes = array( 'NO_ZERO_DATE', 'ONLY_FULL_GROUP_BY', 'TRADITIONAL' );
'STRICT_TRANS_TABLES', 'STRICT_ALL_TABLES', 'TRADITIONAL' );
/**
* A list of required SQL modes.
*
* @since 4.1.0
* @access protected
* @var array
*/
protected $required_modes = array( 'STRICT_ALL_TABLES' );
/** /**
* Whether to use mysqli over mysql. * Whether to use mysqli over mysql.
@ -778,31 +786,12 @@ class wpdb {
*/ */
public function set_sql_mode( $modes = array() ) { public function set_sql_mode( $modes = array() ) {
if ( empty( $modes ) ) { if ( empty( $modes ) ) {
if ( $this->use_mysqli ) { $modes = $this->get_var( "SELECT @@SESSION.sql_mode" );
$res = mysqli_query( $this->dbh, 'SELECT @@SESSION.sql_mode' ); if ( $modes ) {
$modes = $original_modes = explode( ',', $modes );
} else { } else {
$res = mysql_query( 'SELECT @@SESSION.sql_mode', $this->dbh ); $modes = $original_modes = array();
} }
if ( empty( $res ) ) {
return;
}
if ( $this->use_mysqli ) {
$modes_array = mysqli_fetch_array( $res );
if ( empty( $modes_array[0] ) ) {
return;
}
$modes_str = $modes_array[0];
} else {
$modes_str = mysql_result( $res, 0 );
}
if ( empty( $modes_str ) ) {
return;
}
$modes = explode( ',', $modes_str );
} }
$modes = array_change_key_case( $modes, CASE_UPPER ); $modes = array_change_key_case( $modes, CASE_UPPER );
@ -812,24 +801,36 @@ class wpdb {
* *
* @since 3.9.0 * @since 3.9.0
* *
* @see wpdb::$incompatible_modes
*
* @param array $incompatible_modes An array of incompatible modes. * @param array $incompatible_modes An array of incompatible modes.
*/ */
$incompatible_modes = (array) apply_filters( 'incompatible_sql_modes', $this->incompatible_modes ); $incompatible_modes = (array) apply_filters( 'incompatible_sql_modes', $this->incompatible_modes );
foreach( $modes as $i => $mode ) { /**
if ( in_array( $mode, $incompatible_modes ) ) { * Filter the list of required SQL modes to include.
unset( $modes[ $i ] ); *
* @since 4.1.0
*
* @param array $required_modes An array of required modes.
*/
$required_modes = (array) apply_filters( 'required_sql_modes', $this->required_modes );
$modes = array_diff( $modes, $incompatible_modes );
$modes = array_unique( array_merge( $modes, $required_modes ) );
// Don't run SET SESSION if we have nothing to change.
if ( isset( $original_modes ) ) {
sort( $original_modes );
sort( $modes );
if ( $original_modes === $modes ) {
return;
} }
} }
$modes_str = implode( ',', $modes ); $modes_str = implode( ',', $modes );
if ( $this->use_mysqli ) { $this->query( "SET SESSION sql_mode='$modes_str'" );
mysqli_query( $this->dbh, "SET SESSION sql_mode='$modes_str'" ); if ( $this->last_error ) {
} else { dead_db();
mysql_query( "SET SESSION sql_mode='$modes_str'", $this->dbh );
} }
} }
@ -1482,8 +1483,8 @@ class wpdb {
} else if ( $this->dbh ) { } else if ( $this->dbh ) {
$this->has_connected = true; $this->has_connected = true;
$this->set_charset( $this->dbh ); $this->set_charset( $this->dbh );
$this->set_sql_mode();
$this->ready = true; $this->ready = true;
$this->set_sql_mode();
$this->select( $this->dbname, $this->dbh ); $this->select( $this->dbname, $this->dbh );
return true; return true;

View File

@ -276,15 +276,18 @@ class Tests_DB extends WP_UnitTestCase {
* Test that SQL modes are set correctly * Test that SQL modes are set correctly
* @ticket 26847 * @ticket 26847
*/ */
public function test_set_sql_mode() { function test_set_sql_mode() {
global $wpdb; global $wpdb;
$current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
$new_modes = array( 'IGNORE_SPACE', 'NO_AUTO_CREATE_USER' ); $new_modes = $expected_modes = array( 'IGNORE_SPACE', 'NO_AUTO_CREATE_USER' );
$expected_modes[] = 'STRICT_ALL_TABLES';
$wpdb->set_sql_mode( $new_modes ); $wpdb->set_sql_mode( $new_modes );
$check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
$this->assertEquals( implode( ',', $new_modes ), $check_new_modes ); $this->assertEqualSets( $expected_modes, explode( ',', $check_new_modes ) );
$wpdb->set_sql_mode( explode( ',', $current_modes ) ); $wpdb->set_sql_mode( explode( ',', $current_modes ) );
} }
@ -293,7 +296,7 @@ class Tests_DB extends WP_UnitTestCase {
* Test that incompatible SQL modes are blocked * Test that incompatible SQL modes are blocked
* @ticket 26847 * @ticket 26847
*/ */
public function test_set_incompatible_sql_mode() { function test_set_incompatible_sql_mode() {
global $wpdb; global $wpdb;
$current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
@ -301,7 +304,7 @@ class Tests_DB extends WP_UnitTestCase {
$new_modes = array( 'IGNORE_SPACE', 'NO_ZERO_DATE', 'NO_AUTO_CREATE_USER' ); $new_modes = array( 'IGNORE_SPACE', 'NO_ZERO_DATE', 'NO_AUTO_CREATE_USER' );
$wpdb->set_sql_mode( $new_modes ); $wpdb->set_sql_mode( $new_modes );
$check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
$this->assertFalse( in_array( 'NO_ZERO_DATE', explode( ',', $check_new_modes ) ) ); $this->assertNotContains( 'NO_ZERO_DATE', explode( ',', $check_new_modes ) );
$wpdb->set_sql_mode( explode( ',', $current_modes ) ); $wpdb->set_sql_mode( explode( ',', $current_modes ) );
} }
@ -310,7 +313,7 @@ class Tests_DB extends WP_UnitTestCase {
* Test that incompatible SQL modes can be changed * Test that incompatible SQL modes can be changed
* @ticket 26847 * @ticket 26847
*/ */
public function test_set_allowed_incompatible_sql_mode() { function test_set_allowed_incompatible_sql_mode() {
global $wpdb; global $wpdb;
$current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $current_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
@ -322,7 +325,7 @@ class Tests_DB extends WP_UnitTestCase {
remove_filter( 'incompatible_sql_modes', array( $this, 'filter_allowed_incompatible_sql_mode' ), 1 ); remove_filter( 'incompatible_sql_modes', array( $this, 'filter_allowed_incompatible_sql_mode' ), 1 );
$check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' ); $check_new_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
$this->assertTrue( in_array( 'NO_ZERO_DATE', explode( ',', $check_new_modes ) ) ); $this->assertContains( 'NO_ZERO_DATE', explode( ',', $check_new_modes ) );
$wpdb->set_sql_mode( explode( ',', $current_modes ) ); $wpdb->set_sql_mode( explode( ',', $current_modes ) );
} }
@ -339,6 +342,146 @@ class Tests_DB extends WP_UnitTestCase {
return $modes; return $modes;
} }
/**
* @ticket 21212
*/
function test_set_sql_mode_strict() {
global $wpdb;
$wpdb->set_sql_mode();
$sql_modes = $wpdb->get_var( 'SELECT @@SESSION.sql_mode;' );
$this->assertContains( 'STRICT_ALL_TABLES', explode( ',', $sql_modes ) );
}
/**
* @ticket 21212
*/
function test_strict_mode_numeric_strings() {
global $wpdb;
$post_id = $this->factory->post->create();
$wpdb->update( $wpdb->posts, array( 'post_parent' => 4 ), array( 'ID' => $post_id ), array( '%s' ) );
$this->assertContains( "`post_parent` = '4'", $wpdb->last_query );
$this->assertEmpty( $wpdb->last_error );
}
/**
* @ticket 21212
*/
function test_strict_mode_numeric_strings_using_query() {
global $wpdb;
$post_id = $this->factory->post->create();
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE ID = %s", '4', $post_id ) );
$this->assertEmpty( $wpdb->last_error );
}
/**
* @ticket 21212
*/
function test_strict_mode_nan() {
global $wpdb;
$post_id = $this->factory->post->create();
$suppress = $wpdb->suppress_errors( true );
$wpdb->update( $wpdb->posts, array( 'post_parent' => 'foo' ), array( 'ID' => $post_id ), array( '%s' ) );
$this->assertContains( "`post_parent` = 'foo'", $wpdb->last_query );
$this->assertContains( 'Incorrect integer value', $wpdb->last_error );
$wpdb->suppress_errors( $suppress );
}
/**
* @ticket 21212
*/
function test_strict_mode_nan_using_query() {
global $wpdb;
$post_id = $this->factory->post->create();
$suppress = $wpdb->suppress_errors( true );
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE ID = %s", 'foo', $post_id ) );
$this->assertContains( 'Incorrect integer value', $wpdb->last_error );
$wpdb->suppress_errors( $suppress );
}
/**
* @ticket 21212
*/
function test_strict_mode_number_start_of_string() {
global $wpdb;
$post_id = $this->factory->post->create();
$suppress = $wpdb->suppress_errors( true );
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE ID = %s", '4foo', $post_id ) );
$this->assertContains( "Data truncated for column 'post_parent'", $wpdb->last_error );
$wpdb->suppress_errors( $suppress );
}
/**
* @ticket 21212
*/
function test_strict_mode_booleans_true() {
global $wpdb;
$user_id = $this->factory->user->create();
$wpdb->query( "UPDATE $wpdb->users SET user_status = true WHERE ID = $user_id" );
$this->assertEmpty( $wpdb->last_error );
$user = get_userdata( $user_id );
$this->assertSame( '1', $user->user_status );
}
/**
* @ticket 21212
*/
function test_strict_mode_booleans_false() {
global $wpdb;
$user_id = $this->factory->user->create();
$wpdb->query( "UPDATE $wpdb->users SET user_status = false WHERE ID = $user_id" );
$this->assertEmpty( $wpdb->last_error );
$user = get_userdata( $user_id );
$this->assertEquals( '0', $user->user_status );
}
/**
* @ticket 21212
*/
function test_strict_mode_zero_date_is_valid() {
global $wpdb;
$user_id = $this->factory->user->create();
$wpdb->query( "UPDATE $wpdb->users SET user_registered = '0000-00-00' WHERE ID = $user_id" );
$this->assertEmpty( $wpdb->last_error );
$user = get_userdata( $user_id );
$this->assertEquals( '0000-00-00 00:00:00', $user->user_registered );
}
/**
* @ticket 21212
*/
function test_strict_mode_zero_datetime_is_valid() {
global $wpdb;
$user_id = $this->factory->user->create();
$wpdb->query( "UPDATE $wpdb->users SET user_registered = '0000-00-00 00:00:00' WHERE ID = $user_id" );
$this->assertEmpty( $wpdb->last_error );
$user = get_userdata( $user_id );
$this->assertEquals( '0000-00-00 00:00:00', $user->user_registered );
}
/**
* @ticket 21212
*/
function test_strict_mode_invalid_dates_are_invalid() {
global $wpdb;
$user_id = $this->factory->user->create();
$suppress = $wpdb->suppress_errors( true );
$wpdb->query( "UPDATE $wpdb->users SET user_registered = '2014-02-29 00:00:00' WHERE ID = $user_id" );
$this->assertContains( 'Incorrect datetime value', $wpdb->last_error );
$wpdb->suppress_errors( $suppress );
}
/**
* @ticket 21212
*/
function test_strict_mode_nulls_are_invalid() {
global $wpdb;
$user_id = $this->factory->user->create();
$suppress = $wpdb->suppress_errors( true );
$wpdb->query( "UPDATE $wpdb->users SET user_nicename = NULL WHERE ID = $user_id" );
$this->assertContains( 'cannot be null', $wpdb->last_error );
$wpdb->suppress_errors( $suppress );
}
/** /**
* @ticket 25604 * @ticket 25604
* @expectedIncorrectUsage wpdb::prepare * @expectedIncorrectUsage wpdb::prepare
@ -766,7 +909,7 @@ class Tests_DB extends WP_UnitTestCase {
} }
/** /**
* @ ticket 21212 * @ticket 21212
*/ */
function test_pre_get_col_charset_filter() { function test_pre_get_col_charset_filter() {
add_filter( 'pre_get_col_charset', array( $this, 'filter_pre_get_col_charset' ), 10, 3 ); add_filter( 'pre_get_col_charset', array( $this, 'filter_pre_get_col_charset' ), 10, 3 );