Use real escape in environments that support it. see #5455
git-svn-id: https://develop.svn.wordpress.org/trunk@10597 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
c1eaa022ba
commit
e09712d208
|
@ -272,6 +272,15 @@ class wpdb {
|
||||||
*/
|
*/
|
||||||
var $collate;
|
var $collate;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Whether to use mysql_real_escape_string
|
||||||
|
*
|
||||||
|
* @since 2.8.0
|
||||||
|
* @access public
|
||||||
|
* @var bool
|
||||||
|
*/
|
||||||
|
var $real_escape = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Connects to the database server and selects a database
|
* Connects to the database server and selects a database
|
||||||
*
|
*
|
||||||
|
@ -333,16 +342,17 @@ class wpdb {
|
||||||
$this->ready = true;
|
$this->ready = true;
|
||||||
|
|
||||||
if ( $this->has_cap( 'collation' ) ) {
|
if ( $this->has_cap( 'collation' ) ) {
|
||||||
$collation_query = '';
|
|
||||||
if ( !empty($this->charset) ) {
|
if ( !empty($this->charset) ) {
|
||||||
|
if ( function_exists('mysql_set_charset') ) {
|
||||||
|
mysql_set_charset($this->charset, $this->dbh);
|
||||||
|
$this->real_escape = true;
|
||||||
|
} else {
|
||||||
$collation_query = "SET NAMES '{$this->charset}'";
|
$collation_query = "SET NAMES '{$this->charset}'";
|
||||||
if ( !empty($this->collate) )
|
if ( !empty($this->collate) )
|
||||||
$collation_query .= " COLLATE '{$this->collate}'";
|
$collation_query .= " COLLATE '{$this->collate}'";
|
||||||
}
|
|
||||||
|
|
||||||
if ( !empty($collation_query) )
|
|
||||||
$this->query($collation_query);
|
$this->query($collation_query);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->select($dbname);
|
$this->select($dbname);
|
||||||
|
@ -426,14 +436,10 @@ class wpdb {
|
||||||
* @return string query safe string
|
* @return string query safe string
|
||||||
*/
|
*/
|
||||||
function escape($string) {
|
function escape($string) {
|
||||||
return addslashes( $string );
|
if ( $this->dbh && $this->real_escape )
|
||||||
// Disable rest for now, causing problems
|
|
||||||
/*
|
|
||||||
if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' )
|
|
||||||
return mysql_escape_string( $string );
|
|
||||||
else
|
|
||||||
return mysql_real_escape_string( $string, $this->dbh );
|
return mysql_real_escape_string( $string, $this->dbh );
|
||||||
*/
|
else
|
||||||
|
return addslashes( $string );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue