Logic in `DB_Command::esc_like()` WP polyfill is not robust

[schlessera]

The logic in the DB_Command::esc_like() WP polyfile is not robust:

db-command/src/DB_Command.php

Lines 1075 to 1082 in a8a4a9d

	// Remove notices in 4.0 and support backwards compatibility
	if ( method_exists( $wpdb, 'esc_like' ) ) {
	// 4.0
	$old = $wpdb->esc_like( $old );
	} else {
	// 3.9 or less
	$old = like_escape( esc_sql( $old ) );
	}

The first conditional actually includes two requirements, but the else clause still fails for one of them.

For the first conditional to pass, the method needs not only to exist on the $wpdb variable, for this to be possible, $wpdb also needs to be a valid wpdb instance.

If $wpdb happens to be null for whatever reason (like calling DB_Command::esc_like() too early in the WP execution flow), then we'll call the deprecated like_escape() (and throw a notice), even though we might be on the latest WP version.

I'd suggest to throw a WP-CLI error inside of this polyfill if $wpdb happens to be null, to get rid of the notice and point to the correct issue.

[marksabbath]

@schlessera should something like this work?

if ( ! is_null( $wpdb ) ) {
    // Remove notices in 4.0 and support backwards compatibility 
    if ( method_exists( $wpdb, 'esc_like' ) ) { 
        // 4.0 
        $old = $wpdb->esc_like( $old ); 
    } else { 
        // 3.9 or less 
        $old = like_escape( esc_sql( $old ) ); 
    }
} else {
    WP_CLI::error( 'The object $wpdb could not be found.' );
}

I'm not quite sure if we could point in that message any extra information to make the user's life easier, so any suggestion would be very welcome :)

[schlessera]

@marksabbath You should always prefer to bail early, instead of an else, so this would then be:

if ( is_null( $wpdb ) ) {
    WP_CLI::error( 'The object $wpdb could not be found.' );
}

// Remove notices in 4.0 and support backwards compatibility 
if ( method_exists( $wpdb, 'esc_like' ) ) { 
    // 4.0 
    $old = $wpdb->esc_like( $old ); 
} else { 
    // 3.9 or less 
    $old = like_escape( esc_sql( $old ) ); 
}

Also, "could not be found" sounds as if a query or search was made. I think I'd prefer to message to just state something like:

The $wpdb object is not set.

It still does not provide any clear suggestion, but it is more correct than "not found", as we did find it, but it was null.