/**
* Count of rows returned by previous query
*
- * @since 1.2.0
+ * @since 0.71
* @access private
* @var int
*/
var $insert_id = 0;
/**
- * Saved result of the last query made
+ * Last query made
*
- * @since 1.2.0
+ * @since 0.71
* @access private
* @var array
*/
/**
* Results of the last query made
*
- * @since 1.0.0
+ * @since 0.71
* @access private
* @var array|null
*/
var $last_result;
+ /**
+ * MySQL result, which is either a resource or boolean.
+ *
+ * @since 0.71
+ * @access protected
+ * @var mixed
+ */
+ protected $result;
+
/**
* Saved info on the table column
*
- * @since 1.2.0
- * @access private
+ * @since 0.71
+ * @access protected
* @var array
*/
- var $col_info;
+ protected $col_info;
/**
* Saved queries that were executed
* in a single database. The second reason is for possible
* security precautions.
*
- * @since 0.71
+ * @since 2.5.0
* @access private
* @var string
*/
/**
* Whether the database queries are ready to start executing.
*
- * @since 2.5.0
+ * @since 2.3.2
* @access private
* @var bool
*/
var $collate;
/**
- * Whether to use mysql_real_escape_string
+ * Database Username
*
- * @since 2.8.0
- * @access public
- * @var bool
+ * @since 2.9.0
+ * @access protected
+ * @var string
*/
- var $real_escape = false;
+ protected $dbuser;
/**
- * Database Username
+ * Database Password
*
- * @since 2.9.0
- * @access private
+ * @since 3.1.0
+ * @access protected
+ * @var string
+ */
+ protected $dbpassword;
+
+ /**
+ * Database Name
+ *
+ * @since 3.1.0
+ * @access protected
+ * @var string
+ */
+ protected $dbname;
+
+ /**
+ * Database Host
+ *
+ * @since 3.1.0
+ * @access protected
* @var string
*/
- var $dbuser;
+ protected $dbhost;
+
+ /**
+ * Database Handle
+ *
+ * @since 0.71
+ * @access protected
+ * @var string
+ */
+ protected $dbh;
/**
* A textual description of the last query/get_row/get_var call
* @param string $dbhost MySQL database host
*/
function __construct( $dbuser, $dbpassword, $dbname, $dbhost ) {
- register_shutdown_function( array( &$this, '__destruct' ) );
+ register_shutdown_function( array( $this, '__destruct' ) );
- if ( WP_DEBUG )
+ if ( WP_DEBUG && WP_DEBUG_DISPLAY )
$this->show_errors();
$this->init_charset();
return true;
}
+ /**
+ * PHP5 style magic getter, used to lazy-load expensive data.
+ *
+ * @since 3.5.0
+ *
+ * @param string $name The private member to get, and optionally process
+ * @return mixed The private member
+ */
+ function __get( $name ) {
+ if ( 'col_info' == $name )
+ $this->load_col_info();
+
+ return $this->$name;
+ }
+
+ /**
+ * Magic function, for backwards compatibility
+ *
+ * @since 3.5.0
+ *
+ * @param string $name The private member to set
+ * @param mixed $value The value to set
+ */
+ function __set( $name, $value ) {
+ $this->$name = $value;
+ }
+
+ /**
+ * Magic function, for backwards compatibility
+ *
+ * @since 3.5.0
+ *
+ * @param string $name The private member to check
+ *
+ * @return bool If the member is set or not
+ */
+ function __isset( $name ) {
+ return isset( $this->$name );
+ }
+
+ /**
+ * Magic function, for backwards compatibility
+ *
+ * @since 3.5.0
+ *
+ * @param string $name The private member to unset
+ */
+ function __unset( $name ) {
+ unset( $this->$name );
+ }
+
/**
* Set $this->charset and $this->collate
*
* @param string $charset The character set (optional)
* @param string $collate The collation (optional)
*/
- function set_charset($dbh, $charset = null, $collate = null) {
- if ( !isset($charset) )
+ function set_charset( $dbh, $charset = null, $collate = null ) {
+ if ( ! isset( $charset ) )
$charset = $this->charset;
- if ( !isset($collate) )
+ if ( ! isset( $collate ) )
$collate = $this->collate;
- if ( $this->has_cap( 'collation', $dbh ) && !empty( $charset ) ) {
- if ( function_exists( 'mysql_set_charset' ) && $this->has_cap( 'set_charset', $dbh ) ) {
+ if ( $this->has_cap( 'collation' ) && ! empty( $charset ) ) {
+ if ( function_exists( 'mysql_set_charset' ) && $this->has_cap( 'set_charset' ) ) {
mysql_set_charset( $charset, $dbh );
- $this->real_escape = true;
} else {
$query = $this->prepare( 'SET NAMES %s', $charset );
if ( ! empty( $collate ) )
}
/**
- * Weak escape, using addslashes()
+ * Do not use, deprecated.
+ *
+ * Use esc_sql() or wpdb::prepare() instead.
*
- * @see addslashes()
* @since 2.8.0
+ * @deprecated 3.6.0
+ * @see wpdb::prepare
+ * @see esc_sql()
* @access private
*
* @param string $string
* @return string
*/
function _weak_escape( $string ) {
+ if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) )
+ _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' );
return addslashes( $string );
}
/**
- * Real escape, using mysql_real_escape_string() or addslashes()
+ * Real escape, using mysql_real_escape_string()
*
* @see mysql_real_escape_string()
- * @see addslashes()
* @since 2.8.0
* @access private
*
* @return string escaped
*/
function _real_escape( $string ) {
- if ( $this->dbh && $this->real_escape )
+ if ( $this->dbh )
return mysql_real_escape_string( $string, $this->dbh );
- else
- return addslashes( $string );
+
+ $class = get_class( $this );
+ _doing_it_wrong( $class, "$class must set a database connection for use with escaping.", E_USER_NOTICE );
+ return addslashes( $string );
}
/**
* Escape data. Works on arrays.
*
- * @uses wpdb::_escape()
* @uses wpdb::_real_escape()
* @since 2.8.0
* @access private
*/
function _escape( $data ) {
if ( is_array( $data ) ) {
- foreach ( (array) $data as $k => $v ) {
+ foreach ( $data as $k => $v ) {
if ( is_array($v) )
$data[$k] = $this->_escape( $v );
else
}
/**
- * Escapes content for insertion into the database using addslashes(), for security.
+ * Do not use, deprecated.
*
- * Works on arrays.
+ * Use esc_sql() or wpdb::prepare() instead.
*
* @since 0.71
- * @param string|array $data to escape
- * @return string|array escaped as query safe string
+ * @deprecated 3.6.0
+ * @see wpdb::prepare()
+ * @see esc_sql()
+ *
+ * @param mixed $data
+ * @return mixed
*/
function escape( $data ) {
+ if ( func_num_args() === 1 && function_exists( '_deprecated_function' ) )
+ _deprecated_function( __METHOD__, '3.6', 'wpdb::prepare() or esc_sql()' );
if ( is_array( $data ) ) {
- foreach ( (array) $data as $k => $v ) {
+ foreach ( $data as $k => $v ) {
if ( is_array( $v ) )
- $data[$k] = $this->escape( $v );
+ $data[$k] = $this->escape( $v, 'recursive' );
else
- $data[$k] = $this->_weak_escape( $v );
+ $data[$k] = $this->_weak_escape( $v, 'internal' );
}
} else {
- $data = $this->_weak_escape( $data );
+ $data = $this->_weak_escape( $data, 'internal' );
}
return $data;
* @return void
*/
function escape_by_ref( &$string ) {
- $string = $this->_real_escape( $string );
+ if ( ! is_float( $string ) )
+ $string = $this->_real_escape( $string );
}
/**
* @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string
* if there was something to prepare
*/
- function prepare( $query = null ) { // ( $query, *$args )
+ function prepare( $query, $args ) {
if ( is_null( $query ) )
return;
$args = $args[0];
$query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
$query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
+ $query = preg_replace( '|(?<!%)%f|' , '%F', $query ); // Force floats to be locale unaware
$query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
- array_walk( $args, array( &$this, 'escape_by_ref' ) );
+ array_walk( $args, array( $this, 'escape_by_ref' ) );
return @vsprintf( $query, $args );
}
else
$error_str = sprintf( __( 'WordPress database error %1$s for query %2$s' ), $str, $this->last_query );
- if ( function_exists( 'error_log' )
- && ( $log_file = @ini_get( 'error_log' ) )
- && ( 'syslog' == $log_file || @is_writable( $log_file ) )
- )
- @error_log( $error_str );
+ error_log( $error_str );
// Are we showing errors?
if ( ! $this->show_errors )
$this->last_result = array();
$this->col_info = null;
$this->last_query = null;
+ $this->rows_affected = $this->num_rows = 0;
+ $this->last_error = '';
+
+ if ( is_resource( $this->result ) )
+ mysql_free_result( $this->result );
}
/**
$this->is_mysql = true;
+ $new_link = defined( 'MYSQL_NEW_LINK' ) ? MYSQL_NEW_LINK : true;
+ $client_flags = defined( 'MYSQL_CLIENT_FLAGS' ) ? MYSQL_CLIENT_FLAGS : 0;
+
if ( WP_DEBUG ) {
- $this->dbh = mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, true );
+ $this->dbh = mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, $new_link, $client_flags );
} else {
- $this->dbh = @mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, true );
+ $this->dbh = @mysql_connect( $this->dbhost, $this->dbuser, $this->dbpassword, $new_link, $client_flags );
}
if ( !$this->dbh ) {
function query( $query ) {
if ( ! $this->ready )
return false;
-
- // some queries are made before the plugins have been loaded, and thus cannot be filtered with this method
+ /**
+ * Filter the database query.
+ *
+ * Some queries are made before the plugins have been loaded, and thus cannot be filtered with this method.
+ *
+ * @since 2.1.0
+ * @param string $query Database query.
+ */
$query = apply_filters( 'query', $query );
$return_val = 0;
// If there is an error then take note of it..
if ( $this->last_error = mysql_error( $this->dbh ) ) {
+ // Clear insert_id on a subsequent failed insert.
+ if ( $this->insert_id && preg_match( '/^\s*(insert|replace)\s/i', $query ) )
+ $this->insert_id = 0;
+
$this->print_error();
return false;
}
- if ( preg_match( '/^\s*(create|alter|truncate|drop) /i', $query ) ) {
+ if ( preg_match( '/^\s*(create|alter|truncate|drop)\s/i', $query ) ) {
$return_val = $this->result;
- } elseif ( preg_match( '/^\s*(insert|delete|update|replace) /i', $query ) ) {
+ } elseif ( preg_match( '/^\s*(insert|delete|update|replace)\s/i', $query ) ) {
$this->rows_affected = mysql_affected_rows( $this->dbh );
// Take note of the insert_id
- if ( preg_match( '/^\s*(insert|replace) /i', $query ) ) {
+ if ( preg_match( '/^\s*(insert|replace)\s/i', $query ) ) {
$this->insert_id = mysql_insert_id($this->dbh);
}
// Return number of rows affected
$return_val = $this->rows_affected;
} else {
- $i = 0;
- while ( $i < @mysql_num_fields( $this->result ) ) {
- $this->col_info[$i] = @mysql_fetch_field( $this->result );
- $i++;
- }
$num_rows = 0;
while ( $row = @mysql_fetch_object( $this->result ) ) {
$this->last_result[$num_rows] = $row;
$num_rows++;
}
- @mysql_free_result( $this->result );
-
// Log number of rows the query returned
// and return number of rows selected
$this->num_rows = $num_rows;
function _insert_replace_helper( $table, $data, $format = null, $type = 'INSERT' ) {
if ( ! in_array( strtoupper( $type ), array( 'REPLACE', 'INSERT' ) ) )
return false;
+ $this->insert_id = 0;
$formats = $format = (array) $format;
$fields = array_keys( $data );
$formatted_fields = array();
return null;
}
+ /**
+ * Load the column metadata from the last query.
+ *
+ * @since 3.5.0
+ *
+ * @access protected
+ */
+ protected function load_col_info() {
+ if ( $this->col_info )
+ return;
+
+ for ( $i = 0; $i < @mysql_num_fields( $this->result ); $i++ ) {
+ $this->col_info[ $i ] = @mysql_fetch_field( $this->result, $i );
+ }
+ }
+
/**
* Retrieve column metadata from the last query.
*
* @return mixed Column Results
*/
function get_col_info( $info_type = 'name', $col_offset = -1 ) {
+ $this->load_col_info();
+
if ( $this->col_info ) {
if ( $col_offset == -1 ) {
$i = 0;
/**
* Wraps errors in a nice header and footer and dies.
*
- * Will not die if wpdb::$show_errors is true
+ * Will not die if wpdb::$show_errors is false.
*
* @since 1.5.0
*
* Called when WordPress is generating the table scheme.
*
* @since 2.5.0
+ * @deprecated 3.5.0
+ * @deprecated Use wpdb::has_cap( 'collation' )
*
* @return bool True if collation is supported, false if version does not
*/
function supports_collation() {
+ _deprecated_function( __FUNCTION__, '3.5', 'wpdb::has_cap( \'collation\' )' );
return $this->has_cap( 'collation' );
}
/**
- * Determine if a database supports a particular feature
+ * The database character collate.
+ *
+ * @since 3.5.0
+ *
+ * @return string The database character collate.
+ */
+ public function get_charset_collate() {
+ $charset_collate = '';
+
+ if ( ! empty( $this->charset ) )
+ $charset_collate = "DEFAULT CHARACTER SET $this->charset";
+ if ( ! empty( $this->collate ) )
+ $charset_collate .= " COLLATE $this->collate";
+
+ return $charset_collate;
+ }
+
+ /**
+ * Determine if a database supports a particular feature.
*
* @since 2.7.0
- * @see wpdb::db_version()
+ * @see wpdb::db_version()
*
- * @param string $db_cap the feature
+ * @param string $db_cap The feature to check for.
* @return bool
*/
function has_cap( $db_cap ) {
switch ( strtolower( $db_cap ) ) {
case 'collation' : // @since 2.5.0
- case 'group_concat' : // @since 2.7
- case 'subqueries' : // @since 2.7
+ case 'group_concat' : // @since 2.7.0
+ case 'subqueries' : // @since 2.7.0
return version_compare( $version, '4.1', '>=' );
case 'set_charset' :
- return version_compare($version, '5.0.7', '>=');
+ return version_compare( $version, '5.0.7', '>=' );
};
return false;