Setup: Sanity check for invalid table prefixes.

pento · pento · commit 88a23a830654 · 2016-05-27T01:53:09.000Z
There are some table prefixes (for example, `7e1_`), which MySQL will try and parse as values when they're note quoted in backticks. Because not everything remembers to quote their table names, it's best if we just discourage their use during setup. Fixes #36422. git-svn-id: https://develop.svn.wordpress.org/trunk@37581 602fd350-edb4-49c9-b593-d223f7449a82
diff --git a/src/wp-admin/setup-config.php b/src/wp-admin/setup-config.php
@@ -278,6 +278,12 @@ function setup_config_display_header( $body_classes = array() ) {
 	if ( ! empty( $wpdb->error ) )
 		wp_die( $wpdb->error->get_error_message() . $tryagain_link );
 
+	$wpdb->query( "SELECT $prefix" );
+	if ( ! $wpdb->last_error ) {
+		// MySQL was able to parse the prefix as a value, which we don't want. Bail.
+		wp_die( __( '<strong>ERROR</strong>: "Table Prefix" is invalid.' ) );
+	}
+
 	// Generate keys and salts using secure CSPRNG; fallback to API if enabled; further fallback to original wp_generate_password().
 	try {
 		$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|';
