WordPress.org

Ready to get started?Download WordPress

Forums

WordPress MU Domain Mapping
[resolved] WP 3.6 outputs NOTICE warnings ESCAPE (14 posts)

  1. barkgj
    Member
    Posted 8 months ago #

    The Escape invocation on line 11 of sunrise.php causes notice messages to be outputted for each request made. The wpdb->escape function is said to be deprecated.

    http://wordpress.org/plugins/wordpress-mu-domain-mapping/

  2. Ron Rennick
    MultiSite Guru
    Plugin Author

    Posted 8 months ago #

    I'll put this thread on my list.

  3. MikeySmithy
    Member
    Posted 8 months ago #

    Yes, just got the same warning...

  4. barkgj
    Member
    Posted 8 months ago #

    For those who experience the problem here and looking for a solution, do a ob_clean invocation in the functions.php of your theme to clean the notice generated by sunrise.php. Worked for me :)

  5. MikeySmithy
    Member
    Posted 8 months ago #

    Well - why all the trouble?

    In order to ignore php warnings just set this in your wp-config.php

    define('WP_DEBUG_DISPLAY', false);

    BUT: This warning should really be taking care of by the developer. :-)

  6. barkgj
    Member
    Posted 8 months ago #

    True, but the downside of that approach is you also wont be able to see debug messages generated by other plugins / themes. Debugging lines _can_ be practical, unless they are not, like the one generated by sunrise.php ;)

  7. MikeySmithy
    Member
    Posted 8 months ago #

    Yes, you are right... :-)

    I really like having those warning messages being displayed. :-)

    Damn... I really hate updating wordpress... :-)

  8. Mark Rowatt Anderson
    Member
    Posted 8 months ago #

    If you don't want to turn WP_DEBUG/WP_DEBUG_DISPLAY off, the following fix worked for me:-

    Replace the line:-

    $dm_domain = $wpdb->escape( $_SERVER[ 'HTTP_HOST' ] );

    with:-

    $dm_domain = addslashes( $_SERVER[ 'HTTP_HOST' ] );

    As far as I can tell, addslashes is all that the $wpdb->escape method was doing in this case, so it should be equivalent.

  9. BackuPs
    Member
    Posted 8 months ago #

    Hi

    you can use esc_sql()

    http://codex.wordpress.org/Function_Reference/esc_sql

    instead of the addslashes

  10. Mark Rowatt Anderson
    Member
    Posted 8 months ago #

    Thanks. RTFM ;-)

    And having read the manual, it looks like they are equivalent anyway:-

    An alias for $wpdb->escape(). Prepares a string for use as an SQL query. A glorified addslashes() that works with arrays.

    Since $_SERVER[ 'HTTP_HOST' ] isn't an array, they will do the same thing, and I suppose using addslashes will save a msec or two :-)

  11. barkgj
    Member
    Posted 8 months ago #

    Ok thanks for your feedback all, I guess I can then mark the issue as resolved.

  12. Ron Rennick
    MultiSite Guru
    Plugin Author

    Posted 8 months ago #

    Actually, it's already being escaped below so you should be able to replace

    $dm_domain = $wpdb->escape( $_SERVER[ 'HTTP_HOST' ] );

    with

    $dm_domain = $_SERVER[ 'HTTP_HOST' ];

  13. Keith Aldrich
    Member
    Posted 6 months ago #

    This fixed my issue on one multisite install. Kudos and thanks for the help.

  14. tom.thetazulu
    Member
    Posted 5 months ago #

    Hi Ron,

    Thanks for the suggestion above, however after digging around the WordPress internals, I feel that esc_sql is the correct approach rather than removing the escape completely - this triggers _escape(), which is not depreciated and effectively does the same as the original escape() function.

    Keen to know your thoughts on this, and if it can be rolled into the plugin at some point? Always nervous about not explicitly escaping sql values, even $_SERVER values?

    Thanks!

Reply

You must log in to post.

About this Plugin

About this Topic