I just updated the WP plug-in, now several of my tables show no results. This appears to be related to the query complexity / timeout. How do I role back to a previous version that worked?
Thank you for your help. That did not resolve the issue. I have a very closed system, and decided to change the function to not do any sanitizing. My queries are working now.
If you would like me to test any other iterations of changes, I would be happy too.
I found the issue with one of the field names that was being messed up by the replace. I have a field named "timeofupdate" that is being renamed to timeof by the sanitize query function.
My function now looks like, and works for my query.
I just updated the WP plug-in, now several of my tables show no results. This appears to be related to the query complexity / timeout. How do I role back to a previous version that worked?
Hi, David
Thanks for reaching out to us
Sorry for the inconvenience. Our developers will implement a fix as quickly as possible.
-
In the last update, the devs implemented improved sanitizing data from all sources in the plugin and one of them are SQL queries.
This will be fixed in the next update which will be very soon.
Until that, if you can please update this function
in file wp-content/plugins/wpdatatables/controllers/wdt_functions.php around line 892 you will find this
function wdtSanitizeQuery($query) { $query = str_replace('DELETE', '', $query); $query = str_replace('delete', '', $query); $query = str_replace('DROP', '', $query); $query = str_replace('drop', '', $query); $query = str_replace('INSERT', '', $query); $query = str_replace('insert', '', $query); $query = str_replace('UPDATE', '', $query); $query = str_replace('update', '', $query); $query = str_replace('TRUNCATE', '', $query); $query = str_replace('truncate', '', $query); $query = str_replace('CREATE', '', $query); $query = str_replace('create', '', $query); $query = str_replace('ALTER', '', $query); $query = str_replace('alter', '', $query); $query = stripslashes($query); $query = apply_filters('wpdt_sanitize_query',$query); return $query; }and you will need to replace it with this
function wdtSanitizeQuery($query) { $query = str_replace('DELETE ', '', $query); $query = str_replace('DELETE', '', $query); $query = str_replace('delete ', '', $query); $query = str_replace('DROP ', '', $query); $query = str_replace('DROP', '', $query); $query = str_replace('drop ', '', $query); $query = str_replace('INSERT ', '', $query); $query = str_replace('INSERT', '', $query); $query = str_replace('insert ', '', $query); $query = str_replace('UPDATE ', '', $query); $query = str_replace('UPDATE', '', $query); $query = str_replace('update ', '', $query); $query = str_replace('TRUNCATE ', '', $query); $query = str_replace('TRUNCATE', '', $query); $query = str_replace('truncate ', '', $query); $query = str_replace('CREATE ', '', $query); $query = str_replace('CREATE', '', $query); $query = str_replace('create ', '', $query); $query = str_replace('ALTER ', '', $query); $query = str_replace('ALTER', '', $query); $query = str_replace('alter ', '', $query); $query = stripslashes($query); $query = apply_filters('wpdt_sanitize_query',$query); return $query; }After that insert your requested query and save it and check if everything is OK.
Sorry for the inconvenience once more, and let me know how it goes.
Best regards.
Kind Regards,
Miloš Jovanović
[email protected]
Rate my support
Try our FREE mapping plugin! MapSVG - easy Google maps, interactive SVG maps and floor plans, choropleth maps and much more - https://wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/
wpDataTables: FAQ | Facebook | Twitter | Instagram | Front-end and back-end demo | Docs
Amelia: FAQ | Facebook | Twitter | Instagram | Amelia demo sites | Docs | Discord Community
You can try wpDataTables add-ons before purchasing on these sandbox sites:
Powerful Filters | Gravity Forms Integration for wpDataTables | Formidable Forms Integration for wpDataTables | Master-Detail Tables
Thank you for your help. That did not resolve the issue. I have a very closed system, and decided to change the function to not do any sanitizing. My queries are working now.
If you would like me to test any other iterations of changes, I would be happy too.
I suspect the issue is in one of these:
$query = stripslashes($query); $query = apply_filters('wpdt_sanitize_query',$query);Current function in my plugin code that works (because it skips everything):
function wdtSanitizeQuery($query) { return $query; }Hey, David
I see.
Can you please try to replace the function:
function wdtSanitizeQuery($query) { return $query; }with this :
function wdtSanitizeQuery($query) { $query = str_replace('DELETE ', '', $query); $query = str_replace('DELETE', '', $query); $query = str_replace('delete ', '', $query); $query = str_replace('DROP ', '', $query); $query = str_replace('DROP', '', $query); $query = str_replace('drop ', '', $query); $query = str_replace('INSERT ', '', $query); $query = str_replace('INSERT', '', $query); $query = str_replace('insert ', '', $query); $query = str_replace('UPDATE ', '', $query); $query = str_replace('UPDATE', '', $query); $query = str_replace('update ', '', $query); $query = str_replace('TRUNCATE ', '', $query); $query = str_replace('TRUNCATE', '', $query); $query = str_replace('truncate ', '', $query); $query = str_replace('CREATE ', '', $query); $query = str_replace('CREATE', '', $query); $query = str_replace('create ', '', $query); $query = str_replace('ALTER ', '', $query); $query = str_replace('ALTER', '', $query); $query = str_replace('alter ', '', $query); $query = stripslashes($query); $query = apply_filters('wpdt_sanitize_query',$query); return $query; }And let us know how it goes, if you can, please
Kind Regards,
Miloš Jovanović
[email protected]
Rate my support
Try our FREE mapping plugin! MapSVG - easy Google maps, interactive SVG maps and floor plans, choropleth maps and much more - https://wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/
wpDataTables: FAQ | Facebook | Twitter | Instagram | Front-end and back-end demo | Docs
Amelia: FAQ | Facebook | Twitter | Instagram | Amelia demo sites | Docs | Discord Community
You can try wpDataTables add-ons before purchasing on these sandbox sites:
Powerful Filters | Gravity Forms Integration for wpDataTables | Formidable Forms Integration for wpDataTables | Master-Detail Tables
I found the issue with one of the field names that was being messed up by the replace. I have a field named "timeofupdate" that is being renamed to timeof by the sanitize query function.
My function now looks like, and works for my query.
function wdtSanitizeQuery($query) { $query = str_replace('DELETE ', '', $query); $query = str_replace('DELETE', '', $query); $query = str_replace('delete ', '', $query); $query = str_replace('DROP ', '', $query); $query = str_replace('DROP', '', $query); $query = str_replace('drop ', '', $query); $query = str_replace('INSERT ', '', $query); $query = str_replace('INSERT', '', $query); $query = str_replace('insert ', '', $query); $query = str_replace('UPDATE ', '', $query); $query = str_replace('UPDATE', '', $query); /** $query = str_replace('update ', '', $query); **/ $query = str_replace('TRUNCATE ', '', $query); $query = str_replace('TRUNCATE', '', $query); $query = str_replace('truncate ', '', $query); $query = str_replace('CREATE ', '', $query); $query = str_replace('CREATE', '', $query); $query = str_replace('create ', '', $query); $query = str_replace('ALTER ', '', $query); $query = str_replace('ALTER', '', $query); $query = str_replace('alter ', '', $query); $query = stripslashes($query); $query = apply_filters('wpdt_sanitize_query',$query); return $query; }Thank you for your feedback, David.
Please note that we've released an update earlier today, so please update the plugin to v4.2.1, and let us know if there are any issues with it.
Kind Regards,
Aleksandar Vuković
[email protected]
Rate my support
wpDataTables: FAQ | Facebook | Twitter | Instagram | Front-end and back-end demo | Docs
Amelia: FAQ | Facebook | Twitter | Instagram | Amelia demo sites | Docs | Discord Community
You can try wpDataTables add-ons before purchasing on these sandbox sites:
Powerful Filters | Gravity Forms Integration for wpDataTables | Formidable Forms Integration for wpDataTables | Master-Detail Tables