WordPress.org

Make WordPress Core

Ticket #17220: 17220.diff

File 17220.diff, 3.8 KB (added by nacin, 7 years ago)
  • wp-includes/post.php

     
    40634063 * @param string $post_type currently only supports 'post' or 'page'.
    40644064 * @return string SQL code that can be added to a where clause.
    40654065 */
    4066 function get_private_posts_cap_sql($post_type) {
    4067         return get_posts_by_author_sql($post_type, FALSE);
     4066function get_private_posts_cap_sql( $post_type ) {
     4067        return get_posts_by_author_sql( $post_type, false );
    40684068}
    40694069
    40704070/**
     
    40784078 * @param int $post_author Optional.  Query posts having a single author ID.
    40794079 * @return string SQL WHERE code that can be added to a query.
    40804080 */
    4081 function get_posts_by_author_sql($post_type, $full = TRUE, $post_author = NULL) {
     4081function get_posts_by_author_sql( $post_type, $full = true, $post_author = null ) {
    40824082        global $user_ID, $wpdb;
    40834083
    40844084        // Private posts
    4085         if ($post_type == 'post') {
    4086                 $cap = 'read_private_posts';
    4087         // Private pages
    4088         } elseif ($post_type == 'page') {
    4089                 $cap = 'read_private_pages';
    4090         // Dunno what it is, maybe plugins have their own post type?
    4091         } else {
    4092                 $cap = '';
    4093                 $cap = apply_filters('pub_priv_sql_capability', $cap);
     4085        $post_type_obj = get_post_type_object( $post_type );
     4086        if ( ! $post_type_obj )
     4087                return ' 1 = 0 ';
     4088        $cap = $post_type_object->cap->read_private_posts;
    40944089
    4095                 if (empty($cap)) {
    4096                         // We don't know what it is, filters don't change anything,
    4097                         // so set the SQL up to return nothing.
    4098                         return ' 1 = 0 ';
    4099                 }
    4100         }
    4101 
    4102         if ($full) {
    4103                 if (is_null($post_author)) {
    4104                         $sql = $wpdb->prepare('WHERE post_type = %s AND ', $post_type);
     4090        if ( $full ) {
     4091                if ( null === $post_author ) {
     4092                        $sql = $wpdb->prepare( 'WHERE post_type = %s AND ', $post_type );
    41054093                } else {
    4106                         $sql = $wpdb->prepare('WHERE post_author = %d AND post_type = %s AND ', $post_author, $post_type);
     4094                        $sql = $wpdb->prepare( 'WHERE post_author = %d AND post_type = %s AND ', $post_author, $post_type );
    41074095                }
    41084096        } else {
    41094097                $sql = '';
     
    41114099
    41124100        $sql .= "(post_status = 'publish'";
    41134101
    4114         if (current_user_can($cap)) {
     4102        if ( current_user_can( $cap ) ) {
    41154103                // Does the user have the capability to view private posts? Guess so.
    41164104                $sql .= " OR post_status = 'private'";
    4117         } elseif (is_user_logged_in()) {
     4105        } elseif ( is_user_logged_in() ) {
    41184106                // Users can view their own private posts.
    41194107                $id = (int) $user_ID;
    4120                 if (is_null($post_author) || !$full) {
     4108                if ( null === $post_author || ! $full ) {
    41214109                        $sql .= " OR post_status = 'private' AND post_author = $id";
    4122                 } elseif ($id == (int)$post_author) {
     4110                } elseif ( $id == (int) $post_author ) {
    41234111                        $sql .= " OR post_status = 'private'";
    41244112                } // else none
    41254113        } // else none
  • wp-includes/user.php

     
    165165 * Number of posts written by a list of users.
    166166 *
    167167 * @since 3.0.0
    168  * @param array $users User ID number list.
     168 * @param array $user_ids Array of user IDs.
     169 * @param string|array $post_type Optional. Post type to check. Defaults to post.
    169170 * @return array Amount of posts each user has written.
    170171 */
    171 function count_many_users_posts($users) {
     172function count_many_users_posts($users, $post_type = 'post' ) {
    172173        global $wpdb;
    173174
    174175        $count = array();
    175         if ( ! is_array($users) || empty( $users ) )
     176        if ( empty( $users ) || ! is_array( $users ) )
    176177                return $count;
    177178
    178         $userlist = implode( ',', $users );
    179         $where = get_posts_by_author_sql( 'post' );
     179        $userlist = implode( ',', array_map( 'absint', $users ) );
     180        $where = get_posts_by_author_sql( $post_type );
    180181
    181182        $result = $wpdb->get_results( "SELECT post_author, COUNT(*) FROM $wpdb->posts $where AND post_author IN ($userlist) GROUP BY post_author", ARRAY_N );
    182183        foreach ( $result as $row ) {