Is there a DB Search Query I can run to see if this plugin is used anywhere?

  • wyclef

    (@wyclef)


    6 years, 6 months ago

    Hey, 10 years ago this plugin was installed on a site that has hundreds of posts and pages now.

    https://wordpress.org/plugins/php-execution-plugin/

    I don’t know what it was used for but I know that I gotta upgrade to PHP 7.2 and this plugin hasn’t been updated in years and has gotta go. In deactivating the plugin I don’t notice any errors and everything looks good but am wondering if there is a way to confirm that there was no PHP entered in any of the fields anywhere to make sure I am not missing something major here.

    Is there some kind of SQL query I can run on the DB to check for <?php or something related to this plugin specific to post and page fields? Would be great to find nothing so I can happily delete this old thing.

    Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Joy

    (@joyously)

    6 years, 6 months ago

    If the plugin supplies a shortcode, you can use the search in the Posts list to find posts using it. (and again in Pages list, or any other custom post types) Or, like you say, search the whole table using SQL or a Search plugin.
    Widgets can have shortcodes, but that data is stored in the options table.
    It is unlikely that code would be in post meta fields, but that is in the post_meta table.

    Moderator bcworkz

    (@bcworkz)

    6 years, 6 months ago

    It looks like the plugin looks for <?php tags in content, but < chars should be converted to an HTML entity when saved, so a literal <?php search won’t match. Maybe search for just ?php? Check the results for false positives.

    Thread Starter wyclef

    (@wyclef)

    6 years, 6 months ago

    I did a DB dump searching for ?php and some things in wp_postmeta turned up such as <img src=\"<?php bloginfo(\'template_url\'); ?> should something like this be turning up in wp_postmeta and if not how could I easily track down what pages or posts this stuff is coming from? Also, I was checking in Sublime Text and I guess it had a hard time processing a 32mb SQL DB dump? Any recommendations on other programs which might handle such a thing better? Thanks for the help.

    Joy

    (@joyously)

    6 years, 6 months ago

    That is not a typical entry for the post_meta table. It would have to be evaluated, in order to get the actual values. That might be what that plugin was doing. The post meta should have a post_id column, so you use that to look in the post table for the post it belongs to.

    Since your database is large, you might need to dump one table at a time. Your editor can probably handle that. But you should be able to search the database directly using phpMyAdmin.

    Thread Starter wyclef

    (@wyclef)

    6 years, 6 months ago

    Well, upon looking into this further it looks like the ?php I am finding in the DB relates to Advanced Custom Fields repeater code, where I have a PHP file that is calling the ACF repeater function, and in that file is a little <?php. So I am not seeing anything inside any of the text fields in the admin area I think. I am not entirely sure how the ACF plugin works but is it possible it pulls in the generated repeater info in some cached sort of way into the DB? Sorry if all that sounds really dumb I simply don’t know. I may try to deactivate that PHP Execution plugin and see if I can spot any problems. Just have this feeling it isn’t in use but don’t really know.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Is there a DB Search Query I can run to see if this plugin is used anywhere?’ is closed to new replies.