mirror of
https://github.com/WordPress/WordPress.git
synced 2024-11-13 06:07:23 +01:00
3.9:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly. - When upgrading, remove any suspicious comments. Built from https://develop.svn.wordpress.org/branches/3.9@32316 git-svn-id: http://core.svn.wordpress.org/branches/3.9@32287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Michael Adams
parent
ad0a3701d4
commit
10be03b2d7
@ -9,7 +9,7 @@
|
||||
<body>
|
||||
<h1 id="logo">
|
||||
<a href="https://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
|
||||
<br /> Version 3.9.5
|
||||
<br /> Version 3.9.6
|
||||
</h1>
|
||||
<p style="text-align: center">Semantic Personal Publishing Platform</p>
|
||||
|
||||
|
||||
@ -39,7 +39,11 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
|
||||
</h2>
|
||||
|
||||
<div class="changelog point-releases">
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 5 ); ?></h3>
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 6 ); ?></h3>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 1 ), '3.9.6' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_3.9.6' ); ?>
|
||||
</p>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
|
||||
'<strong>Version %1$s</strong> addressed %2$s bugs.', 1 ), '3.9.5', number_format_i18n( 1 ) ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.9.5' ); ?>
|
||||
|
||||
@ -430,6 +430,9 @@ function upgrade_all() {
|
||||
if ( $wp_current_db_version < 26691 )
|
||||
upgrade_380();
|
||||
|
||||
if ( $wp_current_db_version < 27917 )
|
||||
upgrade_396();
|
||||
|
||||
maybe_disable_link_manager();
|
||||
|
||||
maybe_disable_automattic_widgets();
|
||||
@ -1270,6 +1273,34 @@ function upgrade_380() {
|
||||
deactivate_plugins( array( 'mp6/mp6.php' ), true );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute changes made in WordPress 3.9.6.
|
||||
*
|
||||
* @since 3.9.6
|
||||
*/
|
||||
function upgrade_396() {
|
||||
global $wp_current_db_version, $wpdb;
|
||||
|
||||
if ( $wp_current_db_version < 27917 ) {
|
||||
$content_length = $wpdb->get_col_length( $wpdb->comments, 'comment_content' );
|
||||
if ( ! $content_length ) {
|
||||
$content_length = 65535;
|
||||
}
|
||||
|
||||
$comments = $wpdb->get_results(
|
||||
"SELECT comment_ID FROM $wpdb->comments
|
||||
WHERE comment_date_gmt > '2015-04-26'
|
||||
AND CHAR_LENGTH( comment_content ) >= $content_length
|
||||
AND ( comment_content LIKE '%<%' OR comment_content LIKE '%>%' )"
|
||||
);
|
||||
|
||||
foreach ( $comments as $comment ) {
|
||||
wp_delete_comment( $comment->comment_ID, true );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute network level changes
|
||||
*
|
||||
|
||||
@ -11,7 +11,7 @@ $wp_version = '3.9.6';
|
||||
*
|
||||
* @global int $wp_db_version
|
||||
*/
|
||||
$wp_db_version = 27916;
|
||||
$wp_db_version = 27917;
|
||||
|
||||
/**
|
||||
* Holds the TinyMCE version
|
||||
|
||||
@ -1893,11 +1893,20 @@ class wpdb {
|
||||
*/
|
||||
protected function process_fields( $table, $data, $format ) {
|
||||
$data = $this->process_field_formats( $data, $format );
|
||||
if ( false === $data ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$data = $this->process_field_charsets( $data, $table );
|
||||
if ( false === $data ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$data = $this->process_field_lengths( $data, $table );
|
||||
if ( false === $data ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$converted_data = $this->strip_invalid_text( $data );
|
||||
|
||||
if ( $data !== $converted_data ) {
|
||||
@ -1978,6 +1987,40 @@ class wpdb {
|
||||
return $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* For string fields, record the maximum string length that field can safely save.
|
||||
*
|
||||
* @since 4.2.1
|
||||
* @access protected
|
||||
*
|
||||
* @param array $data As it comes from the wpdb::process_field_charsets() method.
|
||||
* @param string $table Table name.
|
||||
* @return array|False The same array as $data with additional 'length' keys, or false if
|
||||
* any of the values were too long for their corresponding field.
|
||||
*/
|
||||
protected function process_field_lengths( $data, $table ) {
|
||||
foreach ( $data as $field => $value ) {
|
||||
if ( '%d' === $value['format'] || '%f' === $value['format'] ) {
|
||||
// We can skip this field if we know it isn't a string.
|
||||
// This checks %d/%f versus ! %s because it's sprintf() could take more.
|
||||
$value['length'] = false;
|
||||
} else {
|
||||
$value['length'] = $this->get_col_length( $table, $field );
|
||||
if ( is_wp_error( $value['length'] ) ) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if ( false !== $value['length'] && strlen( $value['value'] ) > $value['length'] ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$data[ $field ] = $value;
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve one variable from the database.
|
||||
*
|
||||
@ -2298,6 +2341,77 @@ class wpdb {
|
||||
return $charset;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the maximum string length allowed in a given column.
|
||||
*
|
||||
* @since 4.2.1
|
||||
* @access public
|
||||
*
|
||||
* @param string $table Table name.
|
||||
* @param string $column Column name.
|
||||
* @return mixed Max column length as an int. False if the column has no
|
||||
* length. WP_Error object if there was an error.
|
||||
*/
|
||||
public function get_col_length( $table, $column ) {
|
||||
$tablekey = strtolower( $table );
|
||||
$columnkey = strtolower( $column );
|
||||
|
||||
// Skip this entirely if this isn't a MySQL database.
|
||||
if ( false === $this->is_mysql ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( empty( $this->col_meta[ $tablekey ] ) ) {
|
||||
// This primes column information for us.
|
||||
$table_charset = $this->get_table_charset( $table );
|
||||
if ( is_wp_error( $table_charset ) ) {
|
||||
return $table_charset;
|
||||
}
|
||||
}
|
||||
|
||||
if ( empty( $this->col_meta[ $tablekey ][ $columnkey ] ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$typeinfo = explode( '(', $this->col_meta[ $tablekey ][ $columnkey ]->Type );
|
||||
|
||||
$type = strtolower( $typeinfo[0] );
|
||||
if ( ! empty( $typeinfo[1] ) ) {
|
||||
$length = trim( $typeinfo[1], ')' );
|
||||
} else {
|
||||
$length = false;
|
||||
}
|
||||
|
||||
switch( $type ) {
|
||||
case 'binary':
|
||||
case 'char':
|
||||
case 'varbinary':
|
||||
case 'varchar':
|
||||
return $length;
|
||||
break;
|
||||
case 'tinyblob':
|
||||
case 'tinytext':
|
||||
return 255; // 2^8 - 1
|
||||
break;
|
||||
case 'blob':
|
||||
case 'text':
|
||||
return 65535; // 2^16 - 1
|
||||
break;
|
||||
case 'mediumblob':
|
||||
case 'mediumtext':
|
||||
return 16777215; // 2^24 - 1
|
||||
break;
|
||||
case 'longblob':
|
||||
case 'longtext':
|
||||
return 4294967295; // 2^32 - 1
|
||||
break;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a string is ASCII.
|
||||
*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user