From dfb86dc9653aad71d518b191201f14450f85d99a Mon Sep 17 00:00:00 2001 From: Gary Pendergast Date: Tue, 28 Jul 2015 06:31:39 +0000 Subject: [PATCH] WPDB: When checking the encoding of strings against the database, make sure we're only relying on the return value of strings that were sent to the database. Also make sure that we're not trying to sanity check strings that've been marked as not needing sanity checking. Fixes #32279. git-svn-id: https://develop.svn.wordpress.org/trunk@33455 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/wp-db.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/wp-includes/wp-db.php b/src/wp-includes/wp-db.php index c480e46d68..9ce6519be1 100644 --- a/src/wp-includes/wp-db.php +++ b/src/wp-includes/wp-db.php @@ -2112,7 +2112,7 @@ class wpdb { public function get_var( $query = null, $x = 0, $y = 0 ) { $this->func_call = "\$db->get_var(\"$query\", $x, $y)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2147,7 +2147,7 @@ class wpdb { public function get_row( $query = null, $output = OBJECT, $y = 0 ) { $this->func_call = "\$db->get_row(\"$query\",$output,$y)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2188,7 +2188,7 @@ class wpdb { * @return array Database query result. Array indexed from 0 by SQL result row number. */ public function get_col( $query = null , $x = 0 ) { - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2222,7 +2222,7 @@ class wpdb { public function get_results( $query = null, $output = OBJECT ) { $this->func_call = "\$db->get_results(\"$query\", $output)"; - if ( $this->check_safe_collation( $query ) ) { + if ( $this->check_current_query && $this->check_safe_collation( $query ) ) { $this->check_current_query = false; } @@ -2748,7 +2748,9 @@ class wpdb { } foreach ( array_keys( $data ) as $column ) { - $data[ $column ]['value'] = $row["x_$column"]; + if ( isset( $row["x_$column"] ) ) { + $data[ $column ]['value'] = $row["x_$column"]; + } } }