Ticket #6836: 6836.diff
File 6836.diff, 3.3 KB (added by , 17 years ago) |
---|
-
wp-admin/includes/post.php
360 360 361 361 $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' ); 362 362 363 $metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) ); 364 $metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) ); 365 $metavalue = maybe_serialize( stripslashes( (trim( $_POST['metavalue'] ) ) )); 366 $metavalue = $wpdb->escape( $metavalue ); 363 $metakeyselect = stripslashes( trim( $_POST['metakeyselect'] ) ); 364 $metakeyinput = stripslashes( trim( $_POST['metakeyinput'] ) ); 365 $meta_value = maybe_serialize( stripslashes( trim( $_POST['metavalue'] ) ) ); 367 366 368 if ( ('0' === $meta value || !empty ( $metavalue ) ) && ((('#NONE#' != $metakeyselect) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput) ) ) {367 if ( ('0' === $meta_value || !empty ( $meta_value ) ) && ((('#NONE#' != $metakeyselect) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput) ) ) { 369 368 // We have a key/value pair. If both the select and the 370 369 // input for the key have data, the input takes precedence: 371 370 372 371 if ('#NONE#' != $metakeyselect) 373 $meta key = $metakeyselect;372 $meta_key = $metakeyselect; 374 373 375 374 if ( $metakeyinput) 376 $meta key = $metakeyinput; // default375 $meta_key = $metakeyinput; // default 377 376 378 if ( in_array($meta key, $protected) )377 if ( in_array($meta_key, $protected) ) 379 378 return false; 380 379 381 380 wp_cache_delete($post_ID, 'post_meta'); 382 381 383 $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta 384 (post_id,meta_key,meta_value ) VALUES (%s, %s, %s)", 385 $post_ID, $metakey, $metavalue) ); 382 $wpdb->insert( $wpdb->postmeta, compact('post_ID', 'meta_key', 'meta_value')); 383 386 384 return $wpdb->insert_id; 387 385 } 388 386 return false; … … 431 429 432 430 } 433 431 434 function update_meta( $m id, $mkey, $mvalue ) {432 function update_meta( $meta_id, $meta_key, $meta_value ) { 435 433 global $wpdb; 436 434 437 435 $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' ); 438 436 439 if ( in_array($m key, $protected) )437 if ( in_array($meta_key, $protected) ) 440 438 return false; 441 439 442 $post_id = $wpdb->get_var( $wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = %d", $m id) );440 $post_id = $wpdb->get_var( $wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = %d", $meta_id) ); 443 441 wp_cache_delete($post_id, 'post_meta'); 444 442 445 $m value = maybe_serialize( stripslashes( $mvalue ));446 $m value = $wpdb->escape( $mvalue );447 $mid = (int) $mid; 448 return $wpdb-> query( $wpdb->prepare("UPDATE $wpdb->postmeta SET meta_key = %s, meta_value = %s WHERE meta_id = %d", $mkey, $mvalue, $mid) );443 $meta_value = maybe_serialize( stripslashes( $meta_value )); 444 $meta_id = (int) $meta_id; 445 446 return $wpdb->update( $wpdb->postmeta, compact('meta_key', 'meta_value'), compact('meta_id') ); 449 447 } 450 448 451 449 // … … 498 496 global $wpdb; 499 497 $old_ID = (int) $old_ID; 500 498 $new_ID = (int) $new_ID; 501 return $wpdb-> query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = %d WHERE post_parent = %d", $new_ID,$old_ID) );499 return $wpdb->update($wpdb->posts, array('post_parent' => $new_ID), array('post_parent' => $old_ID) ); 502 500 } 503 501 504 502 function get_available_post_statuses($type = 'post') {