Skip to content
Browse files

fixes #1068 escape the `rank` new MySQL 8 reserved word

This time, we do it right before sending the query to MySQL, in the pwg_query
function. This is not optimal, because we add extra processing, useless most
of the time. This solution has less impact on code, and automatically work for
all core and plugins SQL queries.
  • Loading branch information...
plegall committed Aug 30, 2019
1 parent bf39de7 commit 5b65fca36c5c217940cb28cd59c6153b4f1c51c3
Showing with 9 additions and 0 deletions.
  1. +9 −0 include/dblayer/
@@ -128,6 +128,15 @@ function pwg_query($query)
global $mysqli, $conf, $page, $debug, $t2;
// starting with MySQL 8, rank becomes a reserved keyword, we need to escape it
if (preg_match('/\brank\b/', $query))
// first we unescape what's already escaped (to avoid double escaping)
$query = preg_replace('/`rank`/', 'rank', $query);
// then we escape the keyword
$query = preg_replace('/\brank\b/', '`rank`', $query);
$start = microtime(true);
($result = $mysqli->query($query)) or my_error($query, $conf['die_on_sql_error']);

0 comments on commit 5b65fca

Please sign in to comment.
You can’t perform that action at this time.