*/
var $collate;
- /**
- * Whether to use mysql_real_escape_string
- *
- * @since 2.8.0
- * @access public
- * @var bool
- */
- var $real_escape = false;
-
/**
* Database Username
*
function __construct( $dbuser, $dbpassword, $dbname, $dbhost ) {
register_shutdown_function( array( $this, '__destruct' ) );
- if ( WP_DEBUG )
+ if ( WP_DEBUG && WP_DEBUG_DISPLAY )
$this->show_errors();
$this->init_charset();
* @param string $charset The character set (optional)
* @param string $collate The collation (optional)
*/
- function set_charset($dbh, $charset = null, $collate = null) {
- if ( !isset($charset) )
+ function set_charset( $dbh, $charset = null, $collate = null ) {
+ if ( ! isset( $charset ) )
$charset = $this->charset;
- if ( !isset($collate) )
+ if ( ! isset( $collate ) )
$collate = $this->collate;
- if ( $this->has_cap( 'collation', $dbh ) && !empty( $charset ) ) {
- if ( function_exists( 'mysql_set_charset' ) && $this->has_cap( 'set_charset', $dbh ) ) {
+ if ( $this->has_cap( 'collation' ) && ! empty( $charset ) ) {
+ if ( function_exists( 'mysql_set_charset' ) && $this->has_cap( 'set_charset' ) ) {
mysql_set_charset( $charset, $dbh );
- $this->real_escape = true;
} else {
$query = $this->prepare( 'SET NAMES %s', $charset );
if ( ! empty( $collate ) )
}
/**
- * Weak escape, using addslashes()
+ * Do not use, deprecated.
+ *
+ * Use esc_sql() or wpdb::prepare() instead.
*
- * @see addslashes()
* @since 2.8.0
+ * @deprecated 3.6.0
+ * @see wpdb::prepare
+ * @see esc_sql()
* @access private
*
* @param string $string
* @return string
*/
function _weak_escape( $string ) {
+ if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) )
+ _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' );
return addslashes( $string );
}
/**
- * Real escape, using mysql_real_escape_string() or addslashes()
+ * Real escape, using mysql_real_escape_string()
*
* @see mysql_real_escape_string()
- * @see addslashes()
* @since 2.8.0
* @access private
*
* @return string escaped
*/
function _real_escape( $string ) {
- if ( $this->dbh && $this->real_escape )
+ if ( $this->dbh )
return mysql_real_escape_string( $string, $this->dbh );
- else
- return addslashes( $string );
+
+ $class = get_class( $this );
+ _doing_it_wrong( $class, "$class must set a database connection for use with escaping.", E_USER_NOTICE );
+ return addslashes( $string );
}
/**
* Escape data. Works on arrays.
*
- * @uses wpdb::_escape()
* @uses wpdb::_real_escape()
* @since 2.8.0
* @access private
*/
function _escape( $data ) {
if ( is_array( $data ) ) {
- foreach ( (array) $data as $k => $v ) {
+ foreach ( $data as $k => $v ) {
if ( is_array($v) )
$data[$k] = $this->_escape( $v );
else
}
/**
- * Escapes content for insertion into the database using addslashes(), for security.
+ * Do not use, deprecated.
*
- * Works on arrays.
+ * Use esc_sql() or wpdb::prepare() instead.
*
* @since 0.71
- * @param string|array $data to escape
- * @return string|array escaped as query safe string
+ * @deprecated 3.6.0
+ * @see wpdb::prepare()
+ * @see esc_sql()
+ *
+ * @param mixed $data
+ * @return mixed
*/
function escape( $data ) {
+ if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) )
+ _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' );
if ( is_array( $data ) ) {
- foreach ( (array) $data as $k => $v ) {
+ foreach ( $data as $k => $v ) {
if ( is_array( $v ) )
- $data[$k] = $this->escape( $v );
+ $data[$k] = $this->escape( $v, 'recursive' );
else
- $data[$k] = $this->_weak_escape( $v );
+ $data[$k] = $this->_weak_escape( $v, 'internal' );
}
} else {
- $data = $this->_weak_escape( $data );
+ $data = $this->_weak_escape( $data, 'internal' );
}
return $data;
* @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string
* if there was something to prepare
*/
- function prepare( $query, $args = null ) {
+ function prepare( $query, $args ) {
if ( is_null( $query ) )
return;
- if ( func_num_args() < 2 )
- _doing_it_wrong( 'wpdb::prepare', 'wpdb::prepare() requires at least two arguments.', '3.5' );
-
$args = func_get_args();
array_shift( $args );
// If args were passed as an array (as in vsprintf), move them up
$this->last_result = array();
$this->col_info = null;
$this->last_query = null;
+ $this->rows_affected = $this->num_rows = 0;
+ $this->last_error = '';
if ( is_resource( $this->result ) )
mysql_free_result( $this->result );
function query( $query ) {
if ( ! $this->ready )
return false;
-
- // some queries are made before the plugins have been loaded, and thus cannot be filtered with this method
+ /**
+ * Filter the database query.
+ *
+ * Some queries are made before the plugins have been loaded, and thus cannot be filtered with this method.
+ *
+ * @since 2.1.0
+ * @param string $query Database query.
+ */
$query = apply_filters( 'query', $query );
$return_val = 0;
// If there is an error then take note of it..
if ( $this->last_error = mysql_error( $this->dbh ) ) {
+ // Clear insert_id on a subsequent failed insert.
+ if ( $this->insert_id && preg_match( '/^\s*(insert|replace)\s/i', $query ) )
+ $this->insert_id = 0;
+
$this->print_error();
return false;
}
function _insert_replace_helper( $table, $data, $format = null, $type = 'INSERT' ) {
if ( ! in_array( strtoupper( $type ), array( 'REPLACE', 'INSERT' ) ) )
return false;
+ $this->insert_id = 0;
$formats = $format = (array) $format;
$fields = array_keys( $data );
$formatted_fields = array();
}
/**
- * Determine if a database supports a particular feature
+ * Determine if a database supports a particular feature.
*
* @since 2.7.0
- * @see wpdb::db_version()
+ * @see wpdb::db_version()
*
- * @param string $db_cap the feature
+ * @param string $db_cap The feature to check for.
* @return bool
*/
function has_cap( $db_cap ) {
switch ( strtolower( $db_cap ) ) {
case 'collation' : // @since 2.5.0
- case 'group_concat' : // @since 2.7
- case 'subqueries' : // @since 2.7
+ case 'group_concat' : // @since 2.7.0
+ case 'subqueries' : // @since 2.7.0
return version_compare( $version, '4.1', '>=' );
case 'set_charset' :
- return version_compare($version, '5.0.7', '>=');
+ return version_compare( $version, '5.0.7', '>=' );
};
return false;