WordPress.org

Make WordPress Core

Ticket #6836: wordpress_sqlannotations_simple.diff

File wordpress_sqlannotations_simple.diff, 76.5 KB (added by noroute, 9 years ago)

Simple annotation version to mark all the remaining raw uses of INSERT/UPDATE (+simple cases of DELETE and SELECT)

  • wp-comments-post.php

     
    1919
    2020$comment_post_ID = (int) $_POST['comment_post_ID'];
    2121
     22// @RawSQLUse, trivial_implementation
    2223$status = $wpdb->get_row( $wpdb->prepare("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
    2324
    2425if ( empty($status->comment_status) ) {
  • wp-login.php

     
    133133        else if ( is_wp_error($allow) )
    134134                return $allow;
    135135
     136        // @RawSQLUse, trivial_implementation
    136137        $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
    137138        if ( empty($key) ) {
    138139                // Generate something random for a key...
    139140                $key = wp_generate_password(20, false);
    140141                do_action('retrieve_password_key', $user_login, $key);
    141142                // Now insert the new md5 key into the db
     143                // @RawSQLUse, method_exists
    142144                $wpdb->query($wpdb->prepare("UPDATE $wpdb->users SET user_activation_key = %s WHERE user_login = %s", $key, $user_login));
    143145        }
    144146        $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
     
    169171        if ( empty( $key ) )
    170172                return new WP_Error('invalid_key', __('Invalid key'));
    171173
     174        // @RawSQLUse, trivial_implementation
    172175        $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s", $key));
    173176        if ( empty( $user ) )
    174177                return new WP_Error('invalid_key', __('Invalid key'));
  • wp-includes/taxonomy.php

     
    864864
    865865                return $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $else_where AND tt.taxonomy = %s", $term, $taxonomy), ARRAY_A);
    866866        }
    867 
    868867        if ( $result = $wpdb->get_var( $wpdb->prepare("SELECT term_id FROM $wpdb->terms as t WHERE $where", $slug) ) )
    869868                return $result;
    870869
     
    11061105                $wpdb->update( $wpdb->term_taxonomy, compact( 'parent' ), array( 'parent' => $term_obj->term_id) + compact( 'taxonomy' ) );
    11071106        }
    11081107
     1108        // @RawSQLUse, trivial_implementation
    11091109        $objects = $wpdb->get_col( $wpdb->prepare( "SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tt_id ) );
    11101110
    11111111        foreach ( (array) $objects as $object ) {
     
    11181118                wp_set_object_terms($object, $terms, $taxonomy);
    11191119        }
    11201120
     1121        // @RawSQLUse, trivial_implementation
    11211122        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = %d", $tt_id ) );
    11221123
    11231124        // Delete the term if no taxonomies use it.
    11241125        if ( !$wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = %d", $term) ) )
     1126                // @RawSQLUse, trivial_implementation
    11251127                $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->terms WHERE term_id = %d", $term) );
    11261128
    11271129        clean_term_cache($term, $taxonomy);
     
    13221324
    13231325        $term_group = 0;
    13241326        if ( $alias_of ) {
     1327                // @RawSQLUse, trivial_implementation
    13251328                $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) );
    13261329                if ( $alias->term_group ) {
    13271330                        // The alias we want is already in a group, so let's use that one.
     
    13291332                } else {
    13301333                        // The alias isn't in a group, so let's create a new one and firstly add the alias term to it.
    13311334                        $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1;
     1335                        // @RawSQLUse, method_exists
    13321336                        $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $alias->term_id ) );
    13331337                }
    13341338        }
     
    14231427                $tt_id = $term_info['term_taxonomy_id'];
    14241428                $tt_ids[] = $tt_id;
    14251429
     1430                // @RawSQLUse, trivial_implementation
    14261431                if ( $wpdb->get_var( $wpdb->prepare( "SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id = %d", $object_id, $tt_id ) ) )
    14271432                        continue;
    14281433                $wpdb->insert( $wpdb->term_relationships, array( 'object_id' => $object_id, 'term_taxonomy_id' => $tt_id ) );
     
    15001505        if ( !empty($args['term_id']) )
    15011506                $query = $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s AND term_id != %d", $slug, $args['term_id'] );
    15021507        else
     1508                // @RawSQLUse, trivial_implementation
    15031509                $query = $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $slug );
    15041510
    15051511        if ( $wpdb->get_var( $query ) ) {
     
    15071513                do {
    15081514                        $alt_slug = $slug . "-$num";
    15091515                        $num++;
     1516                        // @RawSQLUse, trivial_implementation
    15101517                        $slug_check = $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug ) );
    15111518                } while ( $slug_check );
    15121519                $slug = $alt_slug;
     
    15861593        }
    15871594
    15881595        if ( $alias_of ) {
     1596                // @RawSQLUse, trivial_implementation
    15891597                $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) );
    15901598                if ( $alias->term_group ) {
    15911599                        // The alias we want is already in a group, so let's use that one.
     
    15981606        }
    15991607
    16001608        // Check for duplicate slug
     1609        // @RawSQLUse, trivial_implementation
    16011610        $id = $wpdb->get_var( $wpdb->prepare( "SELECT term_id FROM $wpdb->terms WHERE slug = %s", $slug ) );
    16021611        if ( $id && ($id != $term_id) ) {
    16031612                // If an empty slug was passed or the parent changed, reset the slug to something unique.
  • wp-includes/post.php

     
    424424        global $wpdb;
    425425
    426426        $post_type = sanitize_post_field('post_type', $post_type, $post_id, 'db');
     427        // @RawSQLUse, method_exists
    427428        $return = $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_type = %s WHERE ID = %d", $post_type, $post_id) );
    428429
    429430        if ( 'page' == $post_type )
     
    519520        // expected_slashed ($meta_key)
    520521        $meta_key = stripslashes($meta_key);
    521522
     523        // @RawSQLUse, trivial_implementation
    522524        if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) )
    523525                return false;
    524526
     
    559561        $meta_value = maybe_serialize( stripslashes_deep($meta_value) );
    560562
    561563        if ( empty( $meta_value ) )
     564                // @RawSQLUse, trivial_implementation
    562565                $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $meta_key ) );
    563566        else
     567                // @RawSQLUse, trivial_implementation
    564568                $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $meta_key, $meta_value ) );
    565569
    566570        if ( !$meta_id )
    567571                return false;
    568572
    569573        if ( empty( $meta_value ) )
     574                // @RawSQLUse, trivial_implementation
    570575                $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $meta_key ) );
    571576        else
     577                // @RawSQLUse, trivial_implementation
    572578                $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $meta_key, $meta_value ) );
    573579
    574580        wp_cache_delete($post_id, 'post_meta');
     
    637643        // expected_slashed ($meta_key)
    638644        $meta_key = stripslashes($meta_key);
    639645
     646        // @RawSQLUse, trivial_implementation
    640647        if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) {
    641648                return add_post_meta($post_id, $meta_key, $meta_value);
    642649        }
     
    667674 */
    668675function delete_post_meta_by_key($post_meta_key) {
    669676        global $wpdb;
     677        // @RawSQLUse, trivial_implementation
    670678        if ( $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_key = %s", $post_meta_key)) ) {
    671679                /** @todo Get post_ids and delete cache */
    672680                // wp_cache_delete($post_id, 'post_meta');
     
    11011109function wp_delete_post($postid = 0) {
    11021110        global $wpdb, $wp_rewrite;
    11031111
     1112        // @RawSQLUse, trivial_implementation
    11041113        if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
    11051114                return $post;
    11061115
     
    11271136                }
    11281137
    11291138                // Point children of this page to its parent, also clean the cache of affected children
     1139                // @RawSQLUse, trivial_implementation
    11301140                $children_query = $wpdb->prepare("SELECT * FROM $wpdb->posts WHERE post_parent = %d AND post_type='page'", $postid);
    11311141                $children = $wpdb->get_results($children_query);
    11321142
     
    11361146        }
    11371147
    11381148        // Do raw query.  wp_get_post_revisions() is filtered
     1149        // @RawSQLUse, trivial_implementation
    11391150        $revision_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_parent = %d AND post_type = 'revision'", $postid ) );
    11401151        // Use wp_delete_post (via wp_delete_post_revision) again.  Ensures any meta/misplaced data gets cleaned up.
    11411152        foreach ( $revision_ids as $revision_id )
     
    11441155        // Point all attachments to this post up one level
    11451156        $wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'attachment' ) );
    11461157
     1158        // @RawSQLUse, trivial_implementation
    11471159        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
    11481160
     1161        // @RawSQLUse, trivial_implementation
    11491162        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
    11501163
     1164        // @RawSQLUse, trivial_implementation
    11511165        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d", $postid ));
    11521166
    11531167        if ( 'page' == $post->post_type ) {
     
    15001514                // If there is a suggested ID, use it if not already present
    15011515                if ( !empty($import_id) ) {
    15021516                        $import_id = (int) $import_id;
     1517                        // @RawSQLUse, trivial_implementation
    15031518                        if ( ! $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE ID = %d", $import_id) ) ) {
    15041519                                $data['ID'] = $import_id;
    15051520                        }
     
    18141829 */
    18151830function add_ping($post_id, $uri) {
    18161831        global $wpdb;
     1832        // @RawSQLUse, trivial_implementation
    18171833        $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
    18181834        $pung = trim($pung);
    18191835        $pung = preg_split('/\s/', $pung);
     
    18631879 */
    18641880function get_pung($post_id) {
    18651881        global $wpdb;
     1882        // @RawSQLUse, trivial_implementation
    18661883        $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
    18671884        $pung = trim($pung);
    18681885        $pung = preg_split('/\s/', $pung);
     
    18811898 */
    18821899function get_to_ping($post_id) {
    18831900        global $wpdb;
     1901        // @RawSQLUse, trivial_implementation
    18841902        $to_ping = $wpdb->get_var( $wpdb->prepare( "SELECT to_ping FROM $wpdb->posts WHERE ID = %d", $post_id ));
    18851903        $to_ping = trim($to_ping);
    18861904        $to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY);
     
    19351953        global $wpdb;
    19361954
    19371955        if ( ! $page_ids = wp_cache_get('all_page_ids', 'posts') ) {
     1956                // @RawSQLUse, trivial_implementation
    19381957                $page_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_type = 'page'");
    19391958                wp_cache_add('all_page_ids', $page_ids, 'posts');
    19401959        }
     
    19972016                $path = '/' . $leaf_path;
    19982017                $curpage = $page;
    19992018                while ($curpage->post_parent != 0) {
     2019                        // @RawSQLUse, trivial_implementation
    20002020                        $curpage = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = %d and post_type='page'", $curpage->post_parent ));
    20012021                        $path = '/' . $curpage->post_name . $path;
    20022022                }
     
    20202040 */
    20212041function get_page_by_title($page_title, $output = OBJECT) {
    20222042        global $wpdb;
     2043        // @RawSQLUse, trivial_implementation
    20232044        $page = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title ));
    20242045        if ( $page )
    20252046                return get_page($page, $output);
     
    21142135 *
    21152136 * @param mixed $args Optional. Array or string of options that overrides defaults.
    21162137 * @return array List of pages matching defaults or $args
     2138 * @RawSQLUse, algorithmic
    21172139 */
     2140
    21182141function &get_pages($args = '') {
    21192142        global $wpdb;
    21202143
     
    24372460                // If there is a suggested ID, use it if not already present
    24382461                if ( !empty($import_id) ) {
    24392462                        $import_id = (int) $import_id;
     2463                        // @RawSQLUse, trivial_implementation
    24402464                        if ( ! $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE ID = %d", $import_id) ) ) {
    24412465                                $data['ID'] = $import_id;
    24422466                        }
     
    24842508function wp_delete_attachment($postid) {
    24852509        global $wpdb;
    24862510
     2511        // @RawSQLUse, trivial_implementation
    24872512        if ( !$post = $wpdb->get_row(  $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
    24882513                return $post;
    24892514
     
    24982523        /** @todo Delete for pluggable post taxonomies too */
    24992524        wp_delete_object_term_relationships($postid, array('category', 'post_tag'));
    25002525
     2526        // @RawSQLUse, trivial_implementation
    25012527        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
    25022528
     2529        // @RawSQLUse, trivial_implementation
    25032530        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
    25042531
     2532        // @RawSQLUse, trivial_implementation
    25052533        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d ", $postid ));
    25062534
    25072535        $uploadPath = wp_upload_dir();
     
    28332861 * @param string $post_type currently only supports 'post' or 'page'.
    28342862 * @return string SQL code that can be added to a where clause.
    28352863 */
     2864
    28362865function get_private_posts_cap_sql($post_type) {
    28372866        global $user_ID;
    28382867        $cap = '';
     
    30033032
    30043033        do_action('clean_post_cache', $id);
    30053034
     3035        // @RawSQLUse, trivial_implementation
    30063036        if ( $children = $wpdb->get_col( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_parent = %d", $id) ) ) {
    30073037                foreach( $children as $cid )
    30083038                        clean_post_cache( $cid );
  • wp-includes/comment.php

     
    736736
    737737        $comment = get_comment($comment_id);
    738738
     739        // @RawSQLUse, trivial_implementation
    739740        if ( ! $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->comments WHERE comment_ID = %d LIMIT 1", $comment_id) ) )
    740741                return false;
    741742
     
    878879        if ( ! isset($comment_type) )
    879880                $comment_type = '';
    880881
     882        // @RawSQLUse, method_exists
    881883        $result = $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->comments
    882884        (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
    883885        VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %d, %d)",
     
    10911093        else if ( 'approve' == $comment_approved )
    10921094                $comment_approved = 1;
    10931095
     1096        // @RawSQLUse, method_exists
    10941097        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->comments SET
    10951098                        comment_content      = %s,
    10961099                        comment_author       = %s,
     
    12051208                return false;
    12061209
    12071210        $old = (int) $post->comment_count;
     1211        // @RawSQLUse, trivial_implementation
    12081212        $new = (int) $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1'", $post_id) );
     1213        // @RawSQLUse, method_exists
    12091214        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET comment_count = %d WHERE ID = %d", $new, $post_id) );
    12101215
    12111216        if ( 'page' == $post->post_type )
     
    12921297
    12931298        // Do pingbacks
    12941299        while ($ping = $wpdb->get_row("SELECT * FROM {$wpdb->posts}, {$wpdb->postmeta} WHERE {$wpdb->posts}.ID = {$wpdb->postmeta}.post_id AND {$wpdb->postmeta}.meta_key = '_pingme' LIMIT 1")) {
     1300                // @RawSQLUse, trivial_implementation
    12951301                $wpdb->query("DELETE FROM {$wpdb->postmeta} WHERE post_id = {$ping->ID} AND meta_key = '_pingme';");
    12961302                pingback($ping->post_content, $ping->ID);
    12971303        }
    12981304
    12991305        // Do Enclosures
    13001306        while ($enclosure = $wpdb->get_row("SELECT * FROM {$wpdb->posts}, {$wpdb->postmeta} WHERE {$wpdb->posts}.ID = {$wpdb->postmeta}.post_id AND {$wpdb->postmeta}.meta_key = '_encloseme' LIMIT 1")) {
     1307                // @RawSQLUse, trivial_implementation
    13011308                $wpdb->query( $wpdb->prepare("DELETE FROM {$wpdb->postmeta} WHERE post_id = %d AND meta_key = '_encloseme';", $enclosure->ID) );
    13021309                do_enclose($enclosure->post_content, $enclosure->ID);
    13031310        }
     
    13231330function do_trackbacks($post_id) {
    13241331        global $wpdb;
    13251332
     1333        // @RawSQLUse, trivial_implementation
    13261334        $post = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $post_id) );
    13271335        $to_ping = get_to_ping($post_id);
    13281336        $pinged  = get_pung($post_id);
    13291337        if ( empty($to_ping) ) {
     1338                // @RawSQLUse, method_exists
    13301339                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = '' WHERE ID = %d", $post_id) );
    13311340                return;
    13321341        }
  • wp-includes/functions.php

     
    407407function get_alloptions() {
    408408        global $wpdb;
    409409        $show = $wpdb->hide_errors();
     410        // @RawSQLUse, trivial_implementation
    410411        if ( !$options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) )
     412                // @RawSQLUse, trivial_implementation
    411413                $options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" );
    412414        $wpdb->show_errors($show);
    413415
     
    441443
    442444        if ( !$alloptions ) {
    443445                $suppress = $wpdb->suppress_errors();
     446                // @RawSQLUse, trivial_implementation
    444447                if ( !$alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) )
     448                        // @RawSQLUse, trivial_implementation
    445449                        $alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" );
    446450                $wpdb->suppress_errors($suppress);
    447451                $alloptions = array();
     
    514518                wp_cache_set( $option_name, $newvalue, 'options' );
    515519        }
    516520
     521        // @RawSQLUse, method_exists
    517522        $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->options SET option_value = %s WHERE option_name = %s", $newvalue, $option_name ) );
    518523        if ( $wpdb->rows_affected == 1 ) {
    519524                do_action( "update_option_{$option_name}", $oldvalue, $_newvalue );
     
    581586                wp_cache_set( 'notoptions', $notoptions, 'options' );
    582587        }
    583588
     589        // @RawSQLUse, method_exists
    584590        $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES (%s, %s, %s)", $name, $value, $autoload ) );
    585591
    586592        do_action( "add_option_{$name}", $name, $value );
     
    604610
    605611        // Get the ID, if no ID then return
    606612        // expected_slashed ($name)
     613        // @RawSQLUse, trivial_implementation
    607614        $option = $wpdb->get_row( "SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'" );
    608615        if ( is_null($option) || !$option->option_id )
    609616                return false;
    610617        // expected_slashed ($name)
     618        // @RawSQLUse, trivial_implementation
    611619        $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name = '$name'" );
    612620        if ( 'yes' == $option->autoload ) {
    613621                $alloptions = wp_load_alloptions();
     
    9941002                                $allowed_types = array( 'video', 'audio' );
    9951003                                if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) {
    9961004                                        $meta_value = "$url\n$len\n$type\n";
     1005                                        // @RawSQLUse, method_exists
    9971006                                        $wpdb->query( $wpdb->prepare( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` )
    9981007                                        VALUES ( %d, 'enclosure' , %s)", $post_ID, $meta_value ) );
    9991008                                }
     
    15371546                return true;
    15381547
    15391548        $suppress = $wpdb->suppress_errors();
     1549        // @RawSQLUse, trivial_implementation
    15401550        $installed = $wpdb->get_var( "SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'" );
    15411551        $wpdb->suppress_errors($suppress);
    15421552
  • wp-includes/user.php

     
    154154        global $wpdb;
    155155        if ( !$user )
    156156                $user = $wpdb->escape($_COOKIE[USER_COOKIE]);
     157        // @RawSQLUse, trivial_implementation
    157158        return $wpdb->get_var( $wpdb->prepare("SELECT $field FROM $wpdb->users WHERE user_login = %s", $user) );
    158159}
    159160
     
    308309        $meta_value = trim( $meta_value );
    309310
    310311        if ( ! empty($meta_value) )
     312                // @RawSQLUse, trivial_implementation
    311313                $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->usermeta WHERE user_id = %d AND meta_key = %s AND meta_value = %s", $user_id, $meta_key, $meta_value) );
    312314        else
     315                // @RawSQLUse, trivial_implementation
    313316                $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->usermeta WHERE user_id = %d AND meta_key = %s", $user_id, $meta_key) );
    314317
    315318        wp_cache_delete($user_id, 'users');
     
    397400        if (empty($meta_value)) {
    398401                return delete_usermeta($user_id, $meta_key);
    399402        }
    400 
     403        // @RawSQLUse, trivial_implementation
    401404        $cur = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->usermeta WHERE user_id = %d AND meta_key = %s", $user_id, $meta_key) );
    402405        if ( !$cur ) {
     406                // @RawSQLUse, method_exists
    403407                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->usermeta ( user_id, meta_key, meta_value )
    404408                VALUES
    405409                ( %d, %s, %s )", $user_id, $meta_key, $meta_value) );
    406410        } else if ( $cur->meta_value != $meta_value ) {
     411                // @RawSQLUse, method_exists
    407412                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->usermeta SET meta_value = %s WHERE user_id = %d AND meta_key = %s", $meta_value, $user_id, $meta_key) );
    408413        } else {
    409414                return false;
     
    575580        global $wpdb;
    576581
    577582        $show = $wpdb->hide_errors();
     583        // @RawSQLUse, trivial_implementation
    578584        $metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = %d", $user->ID));
    579585        $wpdb->show_errors($show);
    580586
  • wp-includes/rewrite.php

     
    782782                global $wpdb;
    783783
    784784                //get pages in order of hierarchy, i.e. children after parents
     785                // @RawSQLUse, trivial_implementation
    785786                $posts = get_page_hierarchy($wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'page'"));
    786787                //now reverse it, because we need parents after children for rewrite rules to work properly
    787788                $posts = array_reverse($posts, true);
     
    795796                foreach ($posts as $id => $post) {
    796797                        // URL => page name
    797798                        $uri = get_page_uri($id);
     799                        // @RawSQLUse, trivial_implementation
    798800                        $attachments = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $id ));
    799801                        if ( $attachments ) {
    800802                                foreach ( $attachments as $attachment ) {
  • wp-includes/general-template.php

     
    422422        }
    423423        if ( !empty($author_name) ) {
    424424                // We do a direct query here because we don't cache by nicename.
     425                // @RawSQLUse, trivial_implementation
    425426                $title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name));
    426427        }
    427428
     
    510511
    511512        if ( intval($p) || '' != $name ) {
    512513                if ( !$p )
     514                // @RawSQLUse, trivial_implementation
    513515                        $p = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_name = %s", $name));
    514516                $post = & get_post($p);
    515517                $title = $post->post_title;
  • wp-includes/canonical.php

     
    6868
    6969        if ( is_singular() && 1 > $wp_query->post_count && ($id = get_query_var('p')) ) {
    7070
     71                // @RawSQLUse, trivial_implementation
    7172                $vars = $wpdb->get_results( $wpdb->prepare("SELECT post_type, post_parent FROM $wpdb->posts WHERE ID = %d", $id) );
    7273
    7374                if ( isset($vars[0]) && $vars = $vars[0] ) {
  • wp-includes/deprecated.php

     
    11201120        _deprecated_function(__FUNCTION__, '0.0' );
    11211121
    11221122        if ( $count )
     1123                // @RawSQLUse, trivial_implementation
    11231124                $counts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->links");
    11241125
    11251126        $javascript = "<a href=\"#\" onclick=\"javascript:window.open('$file?popup=1', '_blank', 'width=$width,height=$height,scrollbars=yes,status=no'); return false\">";
  • wp-includes/pluggable.php

     
    164164        if ( false !== $user )
    165165                return $user;
    166166
     167        // @RawSQLUse, trivial_implementation
    167168        if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_login = %s", $user_login)) )
    168169                return false;
    169170
     
    194195        if ( false !== $user )
    195196                return $user;
    196197
     198        // @RawSQLUse, trivial_implementation
    197199        if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_email = %s", $email)) )
    198200                return false;
    199201
     
    14441451        global $wpdb;
    14451452
    14461453        $hash = wp_hash_password($password);
     1454        // @RawSQLUse, method_exists
    14471455        $query = $wpdb->prepare("UPDATE $wpdb->users SET user_pass = %s, user_activation_key = '' WHERE ID = %d", $hash, $user_id);
    14481456        $wpdb->query($query);
    14491457        wp_cache_delete($user_id, 'users');
  • wp-includes/rss.php

     
    715715                $cache_timestamp = 'rss_' . $this->file_name( $url ) . '_ts';
    716716
    717717                // shouldn't these be using get_option() ?
     718                // @RawSQLUse, trivial_implementation
    718719                if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_option ) ) )
    719720                        add_option($cache_option, '', '', 'no');
     721                // @RawSQLUse, trivial_implementation
    720722                if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_timestamp ) ) )
    721723                        add_option($cache_timestamp, '', '', 'no');
    722724
  • xmlrpc.php

     
    22732273                global $wpdb;
    22742274
    22752275                // find any unattached files
     2276                // @RawSQLUse, trivial_implementation
    22762277                $attachments = $wpdb->get_results( "SELECT ID, guid FROM {$wpdb->posts} WHERE post_parent = '-1' AND post_type = 'attachment'" );
    22772278                if( is_array( $attachments ) ) {
    22782279                        foreach( $attachments as $file ) {
    22792280                                if( strpos( $post_content, $file->guid ) !== false ) {
     2281                                        // @RawSQLUse, method_exists
    22802282                                        $wpdb->query( $wpdb->prepare("UPDATE {$wpdb->posts} SET post_parent = %d WHERE ID = %d", $post_ID, $file->ID) );
    22812283                                }
    22822284                        }
     
    28522854
    28532855                if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) {
    28542856                        // Get postmeta info on the object.
     2857                        // @RawSQLUse, trivial_implementation
    28552858                        $old_file = $wpdb->get_row("
    28562859                                SELECT ID
    28572860                                FROM {$wpdb->posts}
     
    31263129                        return new IXR_Error(404, __('Sorry, no such post.'));
    31273130                }
    31283131
     3132                // @RawSQLUse, trivial_implementation
    31293133                $comments = $wpdb->get_results( $wpdb->prepare("SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID) );
    31303134
    31313135                if (!$comments) {
     
    32503254                        } elseif (is_string($urltest['fragment'])) {
    32513255                                // ...or a string #title, a little more complicated
    32523256                                $title = preg_replace('/[^a-z0-9]/i', '.', $urltest['fragment']);
     3257                                // @RawSQLUse, trivial_implementation
    32533258                                $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title);
    32543259                                if (! ($post_ID = $wpdb->get_var($sql)) ) {
    32553260                                        // returning unknown error '0' is better than die()ing
     
    32793284                        return new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'));
    32803285
    32813286                // Let's check that the remote site didn't already pingback this entry
     3287                // @RawSQLUse, trivial_implementation
    32823288                $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $post_ID, $pagelinkedfrom) );
    32833289
    32843290                if ( $wpdb->num_rows ) // We already have a Pingback from this URL
     
    33943400                        return new IXR_Error(32, __('The specified target URL does not exist.'));
    33953401                }
    33963402
     3403                // @RawSQLUse, trivial_implementation
    33973404                $comments = $wpdb->get_results( $wpdb->prepare("SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID) );
    33983405
    33993406                if (!$comments) {
  • wp-trackback.php

     
    9797        $comment_content = "<strong>$title</strong>\n\n$excerpt";
    9898        $comment_type = 'trackback';
    9999
     100        // @RawSQLUse, trivial_implementation
    100101        $dupe = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url) );
    101102        if ( $dupe )
    102103                trackback_response(1, 'We already have a ping from that URL for this post.');
  • wp-admin/update-links.php

     
    1818if ( !get_option('use_linksupdate') )
    1919        wp_die(__('Feature disabled.'));
    2020
     21// @RawSQLUse, trivial_implementation
    2122$link_uris = $wpdb->get_col("SELECT link_url FROM $wpdb->links");
    2223
    2324if ( !$link_uris )
     
    5051foreach ($returns as $return) :
    5152        $time = substr($return, 0, 19);
    5253        $uri = preg_replace('/(.*?) | (.*?)/', '$2', $return);
     54        // @RawSQLUse, method_exists
    5355        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_updated = %s WHERE link_url = %s", $time, $uri) );
    5456endforeach;
    5557
  • wp-admin/edit-comments.php

     
    3434        $deleted = $approved = $unapproved = $spammed = 0;
    3535        foreach ( (array) $_REQUEST['delete_comments'] as $comment_id) : // Check the permissions on each
    3636                $comment_id = (int) $comment_id;
     37                // @RawSQLUse, trivial_implementation
    3738                $_post_id = (int) $wpdb->get_var( $wpdb->prepare( "SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = %d", $comment_id) );
    3839
    3940                if ( !current_user_can('edit_post', $_post_id) )
  • wp-admin/admin-ajax.php

     
    606606        if ( !current_user_can( 'edit_post', $comment_post_ID ) )
    607607                die('-1');
    608608
     609        // @RawSQLUse, trivial_implementation
    609610        $status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
    610611
    611612        if ( empty($status) )
  • wp-admin/includes/bookmark.php

     
    8383
    8484        wp_delete_object_term_relationships( $link_id, 'link_category' );
    8585
     86        // @RawSQLUse, trivial_implementation
    8687        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->links WHERE link_id = %d", $link_id ) );
    8788
    8889        do_action( 'deleted_link', $link_id );
     
    186187        }
    187188
    188189        if ( $update ) {
     190                // @RawSQLUse, method_exists
    189191                if ( false === $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->links SET link_url = %s,
    190192                        link_name = %s, link_image = %s, link_target = %s,
    191193                        link_visible = %s, link_description = %s, link_rating = %s,
     
    197199                                return 0;
    198200                }
    199201        } else {
     202                // @RawSQLUse, method_exists
    200203                if ( false === $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
    201204                $link_url,$link_name, $link_image, $link_target, $link_description, $link_visible, $link_owner, $link_rating, $link_rel, $link_notes, $link_rss ) ) ) {
    202205                        if ( $wp_error )
  • wp-admin/includes/post.php

     
    257257        }
    258258
    259259        if ( isset($post_data['post_parent']) && ($parent = (int) $post_data['post_parent']) ) {
     260                // @RawSQLUse, trivial_implementation
    260261                $pages = $wpdb->get_results("SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'page'");
    261262                $children = array();
    262263
     
    417418                $post_date = $wpdb->prepare("AND post_date = %s", $post_date);
    418419
    419420        if (!empty ($title))
     421                // @RawSQLUse, trivial_implementation
    420422                return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title = %s $post_date", $title) );
    421423        else
    422424                if (!empty ($content))
     425                        // @RawSQLUse, trivial_implementation
    423426                        return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_content = %s $post_date", $content) );
    424427
    425428        return 0;
     
    566569
    567570                wp_cache_delete($post_ID, 'post_meta');
    568571
     572                // @RawSQLUse, method_exists
    569573                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value ) VALUES (%s, %s, %s)", $post_ID, $metakey, $metavalue) );
    570574                return $wpdb->insert_id;
    571575        }
     
    621625        global $wpdb;
    622626        $mid = (int) $mid;
    623627
     628        // @RawSQLUse, trivial_implementation
    624629        $meta = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->postmeta WHERE meta_id = %d", $mid) );
    625630        if ( is_serialized_string( $meta->meta_value ) )
    626631                $meta->meta_value = maybe_unserialize( $meta->meta_value );
     
    664669        if ( in_array($meta_key, $protected) )
    665670                return false;
    666671
     672        // @RawSQLUse, trivial_implementation
    667673        $post_id = $wpdb->get_var( $wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = %d", $meta_id) );
    668674        wp_cache_delete($post_id, 'post_meta');
    669675
     
    743749        global $wpdb;
    744750        $old_ID = (int) $old_ID;
    745751        $new_ID = (int) $new_ID;
     752        // @RawSQLUse, method_exists
    746753        return $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = %d WHERE post_parent = %d", $new_ID, $old_ID) );
    747754}
    748755
  • wp-admin/includes/upgrade.php

     
    9595        // Default category
    9696        $cat_name = $wpdb->escape(__('Uncategorized'));
    9797        $cat_slug = sanitize_title(_c('Uncategorized|Default category slug'));
     98        // @RawSQLUse, method_exists
    9899        $wpdb->query("INSERT INTO $wpdb->terms (name, slug, term_group) VALUES ('$cat_name', '$cat_slug', '0')");
     100        // @RawSQLUse, method_exists
    99101        $wpdb->query("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ('1', 'category', '', '0', '1')");
    100102
    101103        // Default link category
    102104        $cat_name = $wpdb->escape(__('Blogroll'));
    103105        $cat_slug = sanitize_title(_c('Blogroll|Default link category slug'));
     106        // @RawSQLUse, method_exists
    104107        $wpdb->query("INSERT INTO $wpdb->terms (name, slug, term_group) VALUES ('$cat_name', '$cat_slug', '0')");
     108        // @RawSQLUse, method_exists
    105109        $wpdb->query("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ('2', 'link_category', '', '0', '7')");
    106110
    107111        // Now drop in some default links
     112        // @RawSQLUse, method_exists
    108113        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://codex.wordpress.org/', 'Documentation', 0, '', '');");
     114        // @RawSQLUse, method_exists
    109115        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (1, 2)" );
    110116
     117        // @RawSQLUse, method_exists
    111118        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://wordpress.org/development/', 'Development Blog', 0, 'http://wordpress.org/development/feed/', '');");
     119        // @RawSQLUse, method_exists
    112120        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (2, 2)" );
    113121
     122        // @RawSQLUse, method_exists
    114123        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://wordpress.org/extend/ideas/', 'Suggest Ideas', 0, '', '');");
     124        // @RawSQLUse, method_exists
    115125        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (3, 2)" );
    116126
     127        // @RawSQLUse, method_exists
    117128        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://wordpress.org/support/', 'Support Forum', 0, '', '');");
     129        // @RawSQLUse, method_exists
    118130        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (4, 2)" );
    119131
     132        // @RawSQLUse, method_exists
    120133        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://wordpress.org/extend/plugins/', 'Plugins', 0, '', '');");
     134        // @RawSQLUse, method_exists
    121135        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (5, 2)" );
    122136
     137        // @RawSQLUse, method_exists
    123138        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://wordpress.org/extend/themes/', 'Themes', 0, '', '');");
     139        // @RawSQLUse, method_exists
    124140        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (6, 2)" );
    125141
     142        // @RawSQLUse, method_exists
    126143        $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://planet.wordpress.org/', 'WordPress Planet', 0, '', '');");
     144        // @RawSQLUse, method_exists
    127145        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (7, 2)" );
    128146
    129147        // First post
    130148        $now = date('Y-m-d H:i:s');
    131149        $now_gmt = gmdate('Y-m-d H:i:s');
    132150        $first_post_guid = get_option('home') . '/?p=1';
     151        // @RawSQLUse, method_exists
    133152        $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, guid, comment_count, to_ping, pinged, post_content_filtered) VALUES ($user_id, '$now', '$now_gmt', '".$wpdb->escape(__('Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!'))."', '', '".$wpdb->escape(__('Hello world!'))."', '0', '".$wpdb->escape(_c('hello-world|Default post slug'))."', '$now', '$now_gmt', '$first_post_guid', '1', '', '', '')");
     153        // @RawSQLUse, method_exists
    134154        $wpdb->query( "INSERT INTO $wpdb->term_relationships (`object_id`, `term_taxonomy_id`) VALUES (1, 1)" );
    135155
    136156        // Default comment
     157        // @RawSQLUse, method_exists
    137158        $wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".$wpdb->escape(__('Mr WordPress'))."', '', 'http://wordpress.org/', '$now', '$now_gmt', '".$wpdb->escape(__('Hi, this is a comment.<br />To delete a comment, just log in and view the post&#039;s comments. There you will have the option to edit or delete them.'))."')");
    138159
    139160        // First Page
    140161        $first_post_guid = get_option('home') . '/?page_id=2';
     162        // @RawSQLUse, method_exists
    141163        $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, guid, post_status, post_type, to_ping, pinged, post_content_filtered) VALUES ($user_id, '$now', '$now_gmt', '".$wpdb->escape(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '', '".$wpdb->escape(__('About'))."', '0', '".$wpdb->escape(_c('about|Default page slug'))."', '$now', '$now_gmt','$first_post_guid', 'publish', 'page', '', '', '')");
    142164}
    143165endif;
     
    292314        global $wpdb;
    293315
    294316        // Get the title and ID of every post, post_name to check if it already has a value
     317        // @RawSQLUse, trivial_implementation
    295318        $posts = $wpdb->get_results("SELECT ID, post_title, post_name FROM $wpdb->posts WHERE post_name = ''");
    296319        if ($posts) {
    297320                foreach($posts as $post) {
    298321                        if ('' == $post->post_name) {
    299322                                $newtitle = sanitize_title($post->post_title);
     323                                // @RawSQLUse, method_exists
    300324                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_name = %s WHERE ID = %d", $newtitle, $post->ID) );
    301325                        }
    302326                }
    303327        }
    304328
     329        // @RawSQLUse, trivial_implementation
    305330        $categories = $wpdb->get_results("SELECT cat_ID, cat_name, category_nicename FROM $wpdb->categories");
    306331        foreach ($categories as $category) {
    307332                if ('' == $category->category_nicename) {
    308333                        $newtitle = sanitize_title($category->cat_name);
     334                        // @RawSQLUse, method_exists
    309335                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->categories SET category_nicename = %s WHERE cat_ID = %d", $newtitle, $category->cat_ID) );
    310336                }
    311337        }
     
    324350                $catwhere = '';
    325351        endif;
    326352
     353        // @RawSQLUse, trivial_implementation
    327354        $allposts = $wpdb->get_results("SELECT ID, post_category FROM $wpdb->posts WHERE post_category != '0' $catwhere");
    328355        if ($allposts) :
    329356                foreach ($allposts as $post) {
    330357                        // Check to see if it's already been imported
     358                        // @RawSQLUse, trivial_implementation
    331359                        $cat = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->post2cat WHERE post_id = %d AND category_id = %d", $post->ID, $post->post_category) );
    332360                        if (!$cat && 0 != $post->post_category) { // If there's no result
     361                                // @RawSQLUse, method_exists
    333362                                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->post2cat
    334363                                        (post_id, category_id)
    335364                                        VALUES (%s, %s)
     
    366395        global $wpdb;
    367396
    368397        // Set user_nicename.
     398        // @RawSQLUse, trivial_implementation
    369399        $users = $wpdb->get_results("SELECT ID, user_nickname, user_nicename FROM $wpdb->users");
    370400        foreach ($users as $user) {
    371401                if ('' == $user->user_nicename) {
    372402                        $newname = sanitize_title($user->user_nickname);
     403                        // @RawSQLUse, method_exists
    373404                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->users SET user_nicename = %s WHERE ID = %d", $newname, $user->ID) );
    374405                }
    375406        }
    376407
     408        // @RawSQLUse, trivial_implementation
    377409        $users = $wpdb->get_results("SELECT ID, user_pass from $wpdb->users");
    378410        foreach ($users as $row) {
    379411                if (!preg_match('/^[A-Fa-f0-9]{32}$/', $row->user_pass)) {
     412                        // @RawSQLUse, method_exists
    380413                        $wpdb->query('UPDATE '.$wpdb->users.' SET user_pass = MD5(\''.$row->user_pass.'\') WHERE ID = \''.$row->ID.'\'');
    381414                }
    382415        }
     
    426459        global $wpdb;
    427460
    428461        // Remove extraneous backslashes.
     462        // @RawSQLUse, trivial_implementation
    429463        $posts = $wpdb->get_results("SELECT ID, post_title, post_content, post_excerpt, guid, post_date, post_name, post_status, post_author FROM $wpdb->posts");
    430464        if ($posts) {
    431465                foreach($posts as $post) {
     
    436470                                $guid = get_permalink($post->ID);
    437471                        else
    438472                                $guid = $post->guid;
    439 
     473                        // @RawSQLUse, method_exists
    440474                        $wpdb->query("UPDATE $wpdb->posts SET post_title = '$post_title', post_content = '$post_content', post_excerpt = '$post_excerpt', guid = '$guid' WHERE ID = '$post->ID'");
    441475                }
    442476        }
    443477
    444478        // Remove extraneous backslashes.
     479        // @RawSQLUse, trivial_implementation
    445480        $comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_content FROM $wpdb->comments");
    446481        if ($comments) {
    447482                foreach($comments as $comment) {
    448483                        $comment_content = addslashes(deslash($comment->comment_content));
    449484                        $comment_author = addslashes(deslash($comment->comment_author));
     485                        // @RawSQLUse, method_exists
    450486                        $wpdb->query("UPDATE $wpdb->comments SET comment_content = '$comment_content', comment_author = '$comment_author' WHERE comment_ID = '$comment->comment_ID'");
    451487                }
    452488        }
    453489
    454490        // Remove extraneous backslashes.
     491        // @RawSQLUse, trivial_implementation
    455492        $links = $wpdb->get_results("SELECT link_id, link_name, link_description FROM $wpdb->links");
    456493        if ($links) {
    457494                foreach($links as $link) {
    458495                        $link_name = addslashes(deslash($link->link_name));
    459496                        $link_description = addslashes(deslash($link->link_description));
     497                        // @RawSQLUse, method_exists
    460498                        $wpdb->query("UPDATE $wpdb->links SET link_name = '$link_name', link_description = '$link_description' WHERE link_id = '$link->link_id'");
    461499                }
    462500        }
    463501
    464502        // The "paged" option for what_to_show is no more.
     503        // @RawSQLUse, trivial_implementation
    465504        if ($wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'what_to_show'") == 'paged') {
     505                // @RawSQLUse, method_exists
    466506                $wpdb->query("UPDATE $wpdb->options SET option_value = 'posts' WHERE option_name = 'what_to_show'");
    467507        }
    468508
     
    476516        }
    477517
    478518        // Obsolete tables
     519        // @RawSQLUse, trivial_implementation
    479520        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optionvalues');
     521        // @RawSQLUse, trivial_implementation
    480522        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiontypes');
     523        // @RawSQLUse, trivial_implementation
    481524        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroups');
     525        // @RawSQLUse, trivial_implementation
    482526        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroup_options');
    483527
    484528        // Update comments table to use comment_type
     
    509553
    510554        populate_roles_160();
    511555
     556        // @RawSQLUse, method_exists
    512557        $users = $wpdb->get_results("SELECT * FROM $wpdb->users");
    513558        foreach ( $users as $user ) :
    514559                if ( !empty( $user->user_firstname ) )
     
    539584                        if ($idmode == 'namefl') $id = $user->user_firstname.' '.$user->user_lastname;
    540585                        if ($idmode == 'namelf') $id = $user->user_lastname.' '.$user->user_firstname;
    541586                        if (!$idmode) $id = $user->user_nickname;
     587                        // @RawSQLUse, method_exists
    542588                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->users SET display_name = %s WHERE ID = %d", $id, $user->ID) );
    543589                endif;
    544590
     
    554600        $old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname', 'user_level' );
    555601        $wpdb->hide_errors();
    556602        foreach ( $old_user_fields as $old )
     603                // @RawSQLUse, trivial_implementation
    557604                $wpdb->query("ALTER TABLE $wpdb->users DROP $old");
    558605        $wpdb->show_errors();
    559606
     
    561608        $comments = $wpdb->get_results( "SELECT comment_post_ID, COUNT(*) as c FROM $wpdb->comments WHERE comment_approved = '1' GROUP BY comment_post_ID" );
    562609        if( is_array( $comments ) ) {
    563610                foreach ($comments as $comment) {
     611                        // @RawSQLUse, method_exists
    564612                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET comment_count = %d WHERE ID = %d", $comment->c, $comment->comment_post_ID) );
    565613                }
    566614        }
     
    568616        // Some alpha versions used a post status of object instead of attachment and put
    569617        // the mime type in post_type instead of post_mime_type.
    570618        if ( $wp_current_db_version > 2541 && $wp_current_db_version <= 3091 ) {
     619                // @RawSQLUse, trivial_implementation
    571620                $objects = $wpdb->get_results("SELECT ID, post_type FROM $wpdb->posts WHERE post_status = 'object'");
    572621                foreach ($objects as $object) {
     622                        // @RawSQLUse, method_exists
    573623                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_status = 'attachment',
    574624                        post_mime_type = %s,
    575625                        post_type = ''
     
    592642
    593643        if ( $wp_current_db_version < 3506 ) {
    594644                // Update status and type.
     645                // @RawSQLUse, trivial_implementation
    595646                $posts = $wpdb->get_results("SELECT ID, post_status FROM $wpdb->posts");
    596647
    597648                if ( ! empty($posts) ) foreach ($posts as $post) {
     
    605656                                $status = 'inherit';
    606657                                $type = 'attachment';
    607658                        }
    608 
     659                        // @RawSQLUse, method_exists
    609660                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_status = %s, post_type = %s WHERE ID = %d", $status, $type, $post->ID) );
    610661                }
    611662        }
     
    617668        if ( $wp_current_db_version < 3531 ) {
    618669                // Give future posts a post_status of future.
    619670                $now = gmdate('Y-m-d H:i:59');
     671                // @RawSQLUse, method_exists
    620672                $wpdb->query ("UPDATE $wpdb->posts SET post_status = 'future' WHERE post_status = 'publish' AND post_date_gmt > '$now'");
    621673
     674                // @RawSQLUse, method_exists
    622675                $posts = $wpdb->get_results("SELECT ID, post_date FROM $wpdb->posts WHERE post_status ='future'");
    623676                if ( !empty($posts) )
    624677                        foreach ( $posts as $post )
     
    651704                $term_group = 0;
    652705
    653706                // Associate terms with the same slug in a term group and make slugs unique.
     707                // @RawSQLUse, trivial_implementation
    654708                if ( $exists = $wpdb->get_results( $wpdb->prepare("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $slug) ) ) {
    655709                        $term_group = $exists[0]->term_group;
    656710                        $id = $exists[0]->term_id;
     
    658712                        do {
    659713                                $alt_slug = $slug . "-$num";
    660714                                $num++;
     715                                // @RawSQLUse, trivial_implementation
    661716                                $slug_check = $wpdb->get_var( $wpdb->prepare("SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug) );
    662717                        } while ( $slug_check );
    663718
     
    665720
    666721                        if ( empty( $term_group ) ) {
    667722                                $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1;
     723                                // @RawSQLUse, method_exists
    668724                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $id) );
    669725                        }
    670726                }
    671 
     727                // @RawSQLUse, method_exists
    672728                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->terms (term_id, name, slug, term_group) VALUES
    673729                (%d, %s, %s, %d)", $term_id, $name, $slug, $term_group) );
    674730
     
    676732                if ( !empty($category->category_count) ) {
    677733                        $count = (int) $category->category_count;
    678734                        $taxonomy = 'category';
     735                        // @RawSQLUse, method_exists
    679736                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count) );
    680737                        $tt_ids[$term_id][$taxonomy] = (int) $wpdb->insert_id;
    681738                }
     
    683740                if ( !empty($category->link_count) ) {
    684741                        $count = (int) $category->link_count;
    685742                        $taxonomy = 'link_category';
     743                        // @RawSQLUse, method_exists
    686744                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count) );
    687745                        $tt_ids[$term_id][$taxonomy] = (int) $wpdb->insert_id;
    688746                }
     
    691749                        $have_tags = true;
    692750                        $count = (int) $category->tag_count;
    693751                        $taxonomy = 'post_tag';
     752                        // @RawSQLUse, method_exists
    694753                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count) );
    695754                        $tt_ids[$term_id][$taxonomy] = (int) $wpdb->insert_id;
    696755                }
     
    698757                if ( empty($count) ) {
    699758                        $count = 0;
    700759                        $taxonomy = 'category';
     760                        // @RawSQLUse, method_exists
    701761                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count) );
    702762                        $tt_ids[$term_id][$taxonomy] = (int) $wpdb->insert_id;
    703763                }
     
    718778                if ( empty($tt_id) )
    719779                        continue;
    720780
     781                // @RawSQLUse, method_exists
    721782                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ( %d, %d)", $post_id, $tt_id) );
    722783        }
    723784
     
    728789                $link_cat_id_map = array();
    729790                $default_link_cat = 0;
    730791                $tt_ids = array();
     792                // @RawSQLUse, trivial_implementation
    731793                $link_cats = $wpdb->get_results("SELECT cat_id, cat_name FROM " . $wpdb->prefix . 'linkcategories');
    732794                foreach ( $link_cats as $category) {
    733795                        $cat_id = (int) $category->cat_id;
     
    737799                        $term_group = 0;
    738800
    739801                        // Associate terms with the same slug in a term group and make slugs unique.
     802                        // @RawSQLUse, trivial_implementation
    740803                        if ( $exists = $wpdb->get_results( $wpdb->prepare("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $slug) ) ) {
    741804                                $term_group = $exists[0]->term_group;
    742805                                $term_id = $exists[0]->term_id;
    743806                        }
    744807
    745808                        if ( empty($term_id) ) {
     809                                // @RawSQLUse, method_exists
    746810                                $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->terms (name, slug, term_group) VALUES (%s, %s, %d)", $name, $slug, $term_group) );
    747811                                $term_id = (int) $wpdb->insert_id;
    748812                        }
    749813
    750814                        $link_cat_id_map[$cat_id] = $term_id;
    751815                        $default_link_cat = $term_id;
    752 
     816                       
     817                        // @RawSQLUse, method_exists                   
    753818                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES (%d, 'link_category', '', '0', '0')", $term_id) );
    754819                        $tt_ids[$term_id] = (int) $wpdb->insert_id;
    755820                }
    756821
    757822                // Associate links to cats.
     823                // @RawSQLUse, trivial_implementation
    758824                $links = $wpdb->get_results("SELECT link_id, link_category FROM $wpdb->links");
    759825                if ( !empty($links) ) foreach ( $links as $link ) {
    760826                        if ( 0 == $link->link_category )
     
    766832                        if ( empty($tt_id) )
    767833                                continue;
    768834
     835                        // @RawSQLUse, method_exists
    769836                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ( %d, %d)", $link->link_id, $tt_id) );
    770837                }
    771838
     
    781848                        if ( empty($tt_id) )
    782849                                continue;
    783850
     851                        // @RawSQLUse, method_exists
    784852                        $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ( %d, %d)", $link_id, $tt_id) );
    785853                }
    786854        }
    787855
    788856        if ( $wp_current_db_version < 4772 ) {
    789857                // Obsolete linkcategories table
     858                // @RawSQLUse, trivial_implementation
    790859                $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'linkcategories');
    791860        }
    792861
    793862        // Recalculate all counts
     863        // @RawSQLUse, trivial_implementation
    794864        $terms = $wpdb->get_results("SELECT term_taxonomy_id, taxonomy FROM $wpdb->term_taxonomy");
    795865        foreach ( (array) $terms as $term ) {
    796866                if ( ('post_tag' == $term->taxonomy) || ('category' == $term->taxonomy) )
    797867                        $count = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = %d", $term->term_taxonomy_id) );
    798868                else
    799869                        $count = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $term->term_taxonomy_id) );
     870                // @RawSQLUse, method_exists
    800871                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET count = %d WHERE term_taxonomy_id = %d", $count, $term->term_taxonomy_id) );
    801872        }
    802873}
     
    811882        $old_options_fields = array( 'option_can_override', 'option_type', 'option_width', 'option_height', 'option_description', 'option_admin_level' );
    812883        $wpdb->hide_errors();
    813884        foreach ( $old_options_fields as $old )
     885                // @RawSQLUse, trivial_implementation
    814886                $wpdb->query("ALTER TABLE $wpdb->options DROP $old");
    815887        $wpdb->show_errors();
    816888}
     
    822894 */
    823895function upgrade_230_old_tables() {
    824896        global $wpdb;
     897        // @RawSQLUse, trivial_implementation
    825898        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'categories');
     899        // @RawSQLUse, trivial_implementation
    826900        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'link2cat');
     901        // @RawSQLUse, trivial_implementation
    827902        $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'post2cat');
    828903}
    829904
     
    835910function upgrade_old_slugs() {
    836911        // upgrade people who were using the Redirect Old Slugs plugin
    837912        global $wpdb;
     913        // @RawSQLUse, method_exists
    838914        $wpdb->query("UPDATE $wpdb->postmeta SET meta_key = '_wp_old_slug' WHERE meta_key = 'old_slug'");
    839915}
    840916
     
    872948function upgrade_252() {
    873949        global $wpdb;
    874950
     951        // @RawSQLUse, method_exists
    875952        $wpdb->query("UPDATE $wpdb->users SET user_activation_key = ''");
    876953}
    877954
     
    905982
    906983        // Update post_date for unpublished posts with empty timestamp
    907984        if ( $wp_current_db_version < 8921 )
     985                // @RawSQLUse, method_exists
    908986                $wpdb->query( "UPDATE $wpdb->posts SET post_date = post_modified WHERE post_date = '0000-00-00 00:00:00'" );
    909987}
    910988
     
    9261004 */
    9271005function maybe_create_table($table_name, $create_ddl) {
    9281006        global $wpdb;
     1007        // @RawSQLUse, trivial_implementation
    9291008        if ( $wpdb->get_var("SHOW TABLES LIKE '$table_name'") == $table_name )
    9301009                return true;
    9311010        //didn't find it try to create it.
    9321011        $q = $wpdb->query($create_ddl);
    9331012        // we cannot directly tell that whether this succeeded!
     1013        // @RawSQLUse, trivial_implementation
    9341014        if ( $wpdb->get_var("SHOW TABLES LIKE '$table_name'") == $table_name )
    9351015                return true;
    9361016        return false;
     
    9501030function drop_index($table, $index) {
    9511031        global $wpdb;
    9521032        $wpdb->hide_errors();
     1033        // @RawSQLUse, trivial_implementation
    9531034        $wpdb->query("ALTER TABLE `$table` DROP INDEX `$index`");
    9541035        // Now we need to take out all the extra ones we may have created
    9551036        for ($i = 0; $i < 25; $i++) {
     1037                // @RawSQLUse, trivial_implementation
    9561038                $wpdb->query("ALTER TABLE `$table` DROP INDEX `{$index}_$i`");
    9571039        }
    9581040        $wpdb->show_errors();
     
    10111093 */
    10121094function get_alloptions_110() {
    10131095        global $wpdb;
     1096        // @RawSQLUse, trivial_implementation
    10141097        if ($options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options")) {
    10151098                foreach ($options as $option) {
    10161099                        // "When trying to design a foolproof system,
     
    10441127                return preg_replace( '|/+$|', '', constant( 'WP_SITEURL' ) );
    10451128        }
    10461129
     1130        // @RawSQLUse, trivial_implementation
    10471131        $option = $wpdb->get_var( $wpdb->prepare("SELECT option_value FROM $wpdb->options WHERE option_name = %s", $setting) );
    10481132
    10491133        if ( 'home' == $setting && '' == $option )
     
    11311215        }
    11321216
    11331217        // Check to see which tables and fields exist
     1218        // @RawSQLUse, trivial_implementation
    11341219        if($tables = $wpdb->get_col('SHOW TABLES;')) {
    11351220                // For every table in the database
    11361221                foreach($tables as $table) {
     
    11771262                                }
    11781263
    11791264                                // Fetch the table column structure from the database
     1265                                // @RawSQLUse, trivial_implementation
    11801266                                $tablefields = $wpdb->get_results("DESCRIBE {$table};");
    11811267
    11821268                                // For every field in the table
     
    12171303                                // For every remaining field specified for the table
    12181304                                foreach($cfields as $fieldname => $fielddef) {
    12191305                                        // Push a query line into $cqueries that adds the field to that table
     1306                                        // @RawSQLUse, trivial_implementation
    12201307                                        $cqueries[] = "ALTER TABLE {$table} ADD COLUMN $fielddef";
    12211308                                        $for_update[$table.'.'.$fieldname] = 'Added column '.$table.'.'.$fieldname;
    12221309                                }
    12231310
    12241311                                // Index stuff goes here
    12251312                                // Fetch the table index structure from the database
     1313                                // @RawSQLUse, trivial_implementation
    12261314                                $tableindices = $wpdb->get_results("SHOW INDEX FROM {$table};");
    12271315
    12281316                                if($tableindices) {
  • wp-admin/includes/schema.php

     
    311311        // Set up a few options not to load by default
    312312        $fatoptions = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
    313313        foreach ($fatoptions as $fatoption) :
     314                // @RawSQLUse, method_exists
    314315                $wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'");
    315316        endforeach;
    316317}
  • wp-admin/includes/comment.php

     
    1919function comment_exists($comment_author, $comment_date) {
    2020        global $wpdb;
    2121
     22        // @RawSQLUse, trivial_implementation
    2223        return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
    2324                        WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
    2425}
  • wp-admin/includes/template.php

     
    16871687                        // catch and repair bad pages
    16881688                        if ( $page->post_parent == $page->ID ) {
    16891689                                $page->post_parent = 0;
     1690                                // @RawSQLUse, method_exists
    16901691                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = '0' WHERE ID = %d", $page->ID) );
    16911692                                clean_page_cache( $page->ID );
    16921693                        }
  • wp-admin/includes/user.php

     
    197197function get_author_user_ids() {
    198198        global $wpdb;
    199199        $level_key = $wpdb->prefix . 'user_level';
     200        // @RawSQLUse, trivial_implementation
    200201        return $wpdb->get_col( $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value != '0'", $level_key) );
    201202}
    202203
     
    250251
    251252        $level_key = $wpdb->prefix . 'user_level';
    252253
     254        // @RawSQLUse, trivial_implementation
    253255        $query = $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s", $level_key);
    254256        if ( $exclude_zeros )
    255257                $query .= " AND meta_value != '0'";
     
    295297        global $wpdb;
    296298        $level_key = $wpdb->prefix . 'user_level';
    297299
     300        // @RawSQLUse, trivial_implementation
    298301        return $wpdb->get_col( $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value = '0'", $level_key) );
    299302}
    300303
     
    413416        $id = (int) $id;
    414417
    415418        if ($reassign == 'novalue') {
     419                // @RawSQLUse, trivial_implementation
    416420                $post_ids = $wpdb->get_col( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_author = %d", $id) );
    417421
    418422                if ($post_ids) {
     
    421425                }
    422426
    423427                // Clean links
     428                // @RawSQLUse, trivial_implementation
    424429                $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->links WHERE link_owner = %d", $id) );
    425430        } else {
    426431                $reassign = (int) $reassign;
     432                // @RawSQLUse, method_exists
    427433                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_author = %d WHERE post_author = %d", $reassign, $id) );
     434                // @RawSQLUse, method_exists
    428435                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_owner = %d WHERE link_owner = %d", $reassign, $id) );
    429436        }
    430437
    431438        // FINALLY, delete user
    432439        do_action('delete_user', $id);
    433440
     441        // @RawSQLUse, trivial_implementation
    434442        $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->users WHERE ID = %d", $id) );
     443        // @RawSQLUse, trivial_implementation
    435444        $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->usermeta WHERE user_id = %d", $id) );
    436445
    437446        wp_cache_delete($id, 'users');
     
    628637         *
    629638         * @since unknown
    630639         * @access public
     640         * @RawSQLUse, algorithmic
    631641         */
    632642        function prepare_query() {
    633643                global $wpdb;
  • wp-admin/includes/export.php

     
    296296<wp:attachment_url><?php echo wp_get_attachment_url($post->ID); ?></wp:attachment_url>
    297297<?php } ?>
    298298<?php
     299// @RawSQLUse, trivial_implementation
    299300$postmeta = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->postmeta WHERE post_id = %d", $post->ID) );
    300301if ( $postmeta ) {
    301302?>
     
    307308<?php } ?>
    308309<?php } ?>
    309310<?php
     311// @RawSQLUse, trivial_implementation
    310312$comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d", $post->ID) );
    311313if ( $comments ) { foreach ( $comments as $c ) { ?>
    312314<wp:comment>
  • wp-admin/install-helper.php

     
    7373 */
    7474function maybe_create_table($table_name, $create_ddl) {
    7575        global $wpdb;
     76        // @RawSQLUse, trivial_implementation
    7677        foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
    7778                if ($table == $table_name) {
    7879                        return true;
     
    8182        //didn't find it try to create it.
    8283        $wpdb->query($create_ddl);
    8384        // we cannot directly tell that whether this succeeded!
     85        // @RawSQLUse, trivial_implementation
    8486        foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
    8587                if ($table == $table_name) {
    8688                        return true;
     
    107109 */
    108110function maybe_add_column($table_name, $column_name, $create_ddl) {
    109111        global $wpdb, $debug;
     112        // @RawSQLUse, trivial_implementation
    110113        foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
    111114                if ($debug) echo("checking $column == $column_name<br />");
    112115
     
    117120        //didn't find it try to create it.
    118121        $wpdb->query($create_ddl);
    119122        // we cannot directly tell that whether this succeeded!
     123        // @RawSQLUse, trivial_implementation
    120124        foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
    121125                if ($column == $column_name) {
    122126                        return true;
     
    141145 */
    142146function maybe_drop_column($table_name, $column_name, $drop_ddl) {
    143147        global $wpdb;
     148        // @RawSQLUse, trivial_implementation
    144149        foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
    145150                if ($column == $column_name) {
    146151                        //found it try to drop it.
    147152                        $wpdb->query($drop_ddl);
    148153                        // we cannot directly tell that whether this succeeded!
     154                        // @RawSQLUse, trivial_implementation
    149155                        foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
    150156                                if ($column == $column_name) {
    151157                                        return false;
     
    189195function check_column($table_name, $col_name, $col_type, $is_null = null, $key = null, $default = null, $extra = null) {
    190196        global $wpdb, $debug;
    191197        $diffs = 0;
     198        // @RawSQLUse, trivial_implementation
    192199        $results = $wpdb->get_results("DESC $table_name");
    193200
    194201        foreach ($results as $row ) {
  • wp-admin/import/btt.php

     
    7777                echo '<p><h3>'.__('Reading Bunny&#8217;s Technorati Tags&#8230;').'</h3></p>';
    7878
    7979                // import Bunny's Keywords tags
     80                // @RawSQLUse, trivial_implementation
    8081                $metakeys = $wpdb->get_results("SELECT post_id, meta_id, meta_key, meta_value FROM $wpdb->postmeta WHERE $wpdb->postmeta.meta_key = 'tags'");
    8182                if ( !is_array($metakeys)) {
    8283                        echo '<p>' . __('No Tags Found!') . '</p>';
  • wp-admin/import/jkw.php

     
    9292                echo '<p><h3>'.__('Reading Jerome&#8217;s Keywords Tags&#8230;').'</h3></p>';
    9393
    9494                // import Jerome's Keywords tags
     95                // @RawSQLUse, trivial_implementation
    9596                $metakeys = $wpdb->get_results("SELECT post_id, meta_id, meta_key, meta_value FROM $wpdb->postmeta WHERE $wpdb->postmeta.meta_key = 'keywords'");
    9697                if ( !is_array($metakeys)) {
    9798                        echo '<p>' . __('No Tags Found!') . '</p>';
     
    133134
    134135                // import Jerome's Keywords tags
    135136                $tablename = $wpdb->prefix . substr(get_option('jkeywords_keywords_table'), 1, -1);
     137                // @RawSQLUse, trivial_implementation
    136138                $metakeys = $wpdb->get_results("SELECT post_id, tag_name FROM $tablename");
    137139                if ( !is_array($metakeys) ) {
    138140                        echo '<p>' . __('No Tags Found!') . '</p>';
     
    164166                /* options from V2.0a (jeromes-keywords.php) */
    165167                $options = array('version', 'keywords_table', 'query_varname', 'template', 'meta_always_include', 'meta_includecats', 'meta_autoheader', 'search_strict', 'use_feed_cats', 'post_linkformat', 'post_tagseparator', 'post_includecats', 'post_notagstext', 'cloud_linkformat', 'cloud_tagseparator', 'cloud_includecats', 'cloud_sortorder', 'cloud_displaymax', 'cloud_displaymin', 'cloud_scalemax', 'cloud_scalemin');
    166168
     169                // @RawSQLUse, trivial_implementation
    167170                $wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . substr(get_option('jkeywords_keywords_table'), 1, -1));
    168171
    169172                foreach ( $options as $o )
  • wp-admin/import/dotclear.php

     
    4444        function link_exists($linkname)
    4545        {
    4646                global $wpdb;
     47                // @RawSQLUse, trivial_implementation
    4748                return $wpdb->get_var( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_name = %s", $linkname) );
    4849        }
    4950}
     
    228229                $dbprefix = get_option('dcdbprefix');
    229230
    230231                // Get Categories
     232                // @RawSQLUse, trivial_implementation
    231233                return $dcdb->get_results('SELECT * FROM '.$dbprefix.'categorie', ARRAY_A);
    232234        }
    233235
     
    241243
    242244                // Get Users
    243245
     246                // @RawSQLUse, trivial_implementation
    244247                return $dcdb->get_results('SELECT * FROM '.$dbprefix.'user', ARRAY_A);
    245248        }
    246249
     
    266269                $dbprefix = get_option('dcdbprefix');
    267270
    268271                // Get Comments
     272                // @RawSQLUse, trivial_implementation
    269273                return $dcdb->get_results('SELECT * FROM '.$dbprefix.'comment', ARRAY_A);
    270274        }
    271275
  • wp-admin/import/stp.php

     
    117117        function get_stp_posts ( ) {
    118118                global $wpdb;
    119119                // read in all the posts from the STP post->tag table: should be wp_post2tag
     120                // @RawSQLUse, trivial_implementation
    120121                $posts_query = "SELECT post_id, tag_name FROM " . $wpdb->prefix . "stp_tags";
    121122                $posts = $wpdb->get_results($posts_query);
    122123                return $posts;
  • wp-admin/import/wp-cat2tag.php

     
    272272                                        if ( $values ) {
    273273                                                $wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id, term_order) VALUES " . join(',', $values) . " ON DUPLICATE KEY UPDATE term_order = VALUES(term_order)");
    274274
     275                                                // @RawSQLUse, method_exists
    275276                                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET count = %d WHERE term_id = %d AND taxonomy = 'post_tag'", $category->count, $category->term_id) );
    276277                                        }
    277278
     
    280281                                }
    281282
    282283                                // if tag already exists, add it to all posts in the category
     284                                // @RawSQLUse, trivial_implementation
    283285                                if ( $tag_ttid = $wpdb->get_var( $wpdb->prepare("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy WHERE term_id = %d AND taxonomy = 'post_tag'", $category->term_id) ) ) {
    284286                                        $objects_ids = get_objects_in_term($category->term_id, 'category');
    285287                                        $tag_ttid = (int) $tag_ttid;
     
    292294                                                $wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id, term_order) VALUES " . join(',', $values) . " ON DUPLICATE KEY UPDATE term_order = VALUES(term_order)");
    293295
    294296                                                $count = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tag_ttid) );
     297                                                // @RawSQLUse, method_exists
    295298                                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET count = %d WHERE term_id = %d AND taxonomy = 'post_tag'", $count, $category->term_id) );
    296299                                        }
    297300                                        echo __('Tag added to all posts in this category.') . " *</li>\n";
     
    303306                                        continue;
    304307                                }
    305308
     309                                // @RawSQLUse, trivial_implementation
    306310                                $tt_ids = $wpdb->get_col( $wpdb->prepare("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy WHERE term_id = %d AND taxonomy = 'category'", $category->term_id) );
    307311                                if ( $tt_ids ) {
    308312                                        $posts = $wpdb->get_col("SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id IN (" . join(',', $tt_ids) . ") GROUP BY object_id");
     
    311315                                }
    312316
    313317                                // Change the category to a tag.
     318                                // @RawSQLUse, method_exists
    314319                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET taxonomy = 'post_tag' WHERE term_id = %d AND taxonomy = 'category'", $category->term_id) );
    315320
    316321                                // Set all parents to 0 (root-level) if their parent was the converted tag
     322                                // @RawSQLUse, method_exists
    317323                                $parents = $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET parent = 0 WHERE parent = %d AND taxonomy = 'category'", $category->term_id) );
    318324
    319325                                if ( $parents ) $clear_parents = true;
     
    366372                        if ( $tag = get_term( $tag_id, 'post_tag' ) ) {
    367373                                printf('<li>' . __('Converting tag <strong>%s</strong> ... '),  $tag->name);
    368374
     375                                // @RawSQLUse, trivial_implementation
    369376                                if ( $cat_ttid = $wpdb->get_var( $wpdb->prepare("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy WHERE term_id = %d AND taxonomy = 'category'", $tag->term_id) ) ) {
    370377                                        $objects_ids = get_objects_in_term($tag->term_id, 'post_tag');
    371378                                        $cat_ttid = (int) $cat_ttid;
     
    381388
    382389                                                if ( $default_cat != $tag->term_id ) {
    383390                                                        $count = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tag->term_id) );
     391                                                        // @RawSQLUse, method_exists
    384392                                                        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET count = %d WHERE term_id = %d AND taxonomy = 'category'", $count, $tag->term_id) );
    385393                                                }
    386394                                        }
     
    394402                                }
    395403
    396404                                // Change the tag to a category.
     405                                // @RawSQLUse, trivial_implementation
    397406                                $parent = $wpdb->get_var( $wpdb->prepare("SELECT parent FROM $wpdb->term_taxonomy WHERE term_id = %d AND taxonomy = 'post_tag'", $tag->term_id) );
    398407                                if ( 0 == $parent || (0 < (int) $parent && $this->_category_exists($parent)) ) {
    399408                                        $reset_parent = '';
     
    401410                                } else
    402411                                        $reset_parent = ", parent = '0'";
    403412
     413                                // @RawSQLUse, method_exists
    404414                                $wpdb->query( $wpdb->prepare("UPDATE $wpdb->term_taxonomy SET taxonomy = 'category' $reset_parent WHERE term_id = %d AND taxonomy = 'post_tag'", $tag->term_id) );
    405415
    406416                                $clean_term_cache[] = $tag->term_id;
  • wp-admin/import/utw.php

     
    187187                global $wpdb;
    188188
    189189                // read in all the tags from the UTW tags table: should be wp_tags
     190                // @RawSQLUse, trivial_implementation
    190191                $tags_query = "SELECT tag_id, tag FROM " . $wpdb->prefix . "tags";
    191192
    192193                $tags = $wpdb->get_results($tags_query);
     
    207208                global $wpdb;
    208209
    209210                // read in all the posts from the UTW post->tag table: should be wp_post2tag
     211                // @RawSQLUse, trivial_implementation
    210212                $posts_query = "SELECT tag_id, post_id FROM " . $wpdb->prefix . "post2tag";
    211213
    212214                $posts = $wpdb->get_results($posts_query);
  • wp-admin/import/blogger.php

     
    685685                $host = $this->blogs[$importing_blog]['host'];
    686686
    687687                // Get an array of posts => authors
     688                // @RawSQLUse, trivial_implementation
    688689                $post_ids = (array) $wpdb->get_col( $wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_key = 'blogger_blog' AND meta_value = %s", $host) );
    689690                $post_ids = join( ',', $post_ids );
    690691                $results = (array) $wpdb->get_results("SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = 'blogger_author' AND post_id IN ($post_ids)");
  • wp-admin/import/textpattern.php

     
    3838        function link_exists($linkname)
    3939        {
    4040                global $wpdb;
     41                // @RawSQLUse, trivial_implementation
    4142                return $wpdb->get_var( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_name = %s", $linkname) );
    4243        }
    4344}
     
    8485                $prefix = get_option('tpre');
    8586
    8687                // Get Categories
     88                // @RawSQLUse, trivial_implementation
    8789                return $txpdb->get_results('SELECT
    8890                        id,
    8991                        name,
     
    103105
    104106                // Get Users
    105107
     108                // @RawSQLUse, trivial_implementation
    106109                return $txpdb->get_results('SELECT
    107110                        user_id,
    108111                        name,
     
    120123                $prefix = get_option('tpre');
    121124
    122125                // Get Posts
     126                // @RawSQLUse, trivial_implementation
    123127                return $txpdb->get_results('SELECT
    124128                        ID,
    125129                        Posted,
     
    147151                $prefix = get_option('tpre');
    148152
    149153                // Get Comments
     154                // @RawSQLUse, trivial_implementation
    150155                return $txpdb->get_results('SELECT * FROM '.$prefix.'txp_discuss', ARRAY_A);
    151156        }
    152157
     
    157162                set_magic_quotes_runtime(0);
    158163                $prefix = get_option('tpre');
    159164
     165                // @RawSQLUse, trivial_implementation
    160166                return $txpdb->get_results('SELECT
    161167                        id,
    162168                        date,
  • wp-admin/import/wordpress.php

     
    677677                        $local_child_id = $this->post_ids_processed[$child_id];
    678678                        $local_parent_id = $this->post_ids_processed[$parent_id];
    679679                        if ($local_child_id and $local_parent_id) {
     680                                // @RawSQLUse, method_exists
    680681                                $wpdb->query( $wpdb->prepare("UPDATE {$wpdb->posts} SET post_parent = %d WHERE ID = %d", $local_parent_id, $local_child_id));
    681682                        }
    682683                }
  • wp-admin/upload.php

     
    2020
    2121        if ( ! current_user_can('edit_posts') )
    2222                wp_die( __('You are not allowed to scan for lost attachments.') );
    23 
     23       
    2424        $all_posts = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_type = 'post' OR post_type = 'page'");
     25        // @RawSQLUse, trivial_implementation
    2526        $all_att = $wpdb->get_results("SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'attachment'");
    2627
    2728        $lost = array();
     
    117118        } else {
    118119                $start = ( $_GET['paged'] - 1 ) * 25;
    119120                $orphans = $wpdb->get_results( "SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent < 1 LIMIT $start, 25" );
     121                // @RawSQLUse, trivial_implementation
    120122                $page_links_total = ceil($wpdb->get_var( "SELECT FOUND_ROWS()" ) / 25);
    121123        }