sqlite-database-integration
sqlite-database-integration copied to clipboard
Published
20 hours ago •
WordPress
WordPress
Deprecated: addslashes(): Passing null to parameter → `WP_SQLite_DB->_real_escape( $str )`
We noticed the following error:
Deprecated: addslashes(): Passing null to parameter #1 ($string) of type string is deprecated in sqlite-database-integration/wp-includes/sqlite/class-wp-sqlite-db.php on line 107
https://github.com/WordPress/sqlite-database-integration/blob/037f6efe3ac27e9cda668e6d13eb087ed5471bce/wp-includes/sqlite/class-wp-sqlite-db.php#L95-L108
I think that in certain cases null is passed to the _real_escape function.
In WordPress core they check on the type with is_scalar( $data ):
/**
* Real escape using mysqli_real_escape_string().
*
* @since 2.8.0
*
* @see mysqli_real_escape_string()
*
* @param string $data String to escape.
* @return string Escaped string.
*/
public function _real_escape( $data ) {
if ( ! is_scalar( $data ) ) {
return '';
}
if ( $this->dbh ) {
$escaped = mysqli_real_escape_string( $this->dbh, $data );
} else {
$class = get_class( $this );
wp_load_translations_early();
/* translators: %s: Database access abstraction class, usually wpdb or a class extending wpdb. */
_doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), '3.6.0' );
$escaped = addslashes( $data );
}
return $this->add_placeholder_escape( $escaped );
}
https://github.com/WordPress/WordPress/blob/9fd435aa157ad7053cdcabed879b843342999ffe/wp-includes/class-wpdb.php#L1262-L1290
Maybe that should be added in this plugin too?
