WordPress.org

Make WordPress Core

Changeset 10722


Ignore:
Timestamp:
03/05/2009 10:16:29 PM (10 years ago)
Author:
ryan
Message:

post_exists() and comment_exists() fixes. Fixes post duplication during import. Props tott. fixes #8460

Location:
trunk/wp-admin/includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/comment.php

    r9217 r10722  
    1919function comment_exists($comment_author, $comment_date) {
    2020    global $wpdb;
     21
     22    $comment_author = stripslashes($comment_author);
     23    $comment_date = stripslashes($comment_date);
    2124
    2225    return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
  • trunk/wp-admin/includes/post.php

    r10606 r10722  
    398398
    399399/**
    400  * {@internal Missing Short Description}}
    401  *
    402  * @since unknown
    403  *
    404  * @param unknown_type $title
    405  * @param unknown_type $content
    406  * @param unknown_type $post_date
    407  * @return unknown
    408  */
    409 function post_exists($title, $content = '', $post_date = '') {
     400 * Determine if a post exists based on title, content, and date
     401 *
     402 * @since unknown
     403 *
     404 * @param string $title Post title
     405 * @param string $content Optional post content
     406 * @param string $date Optional post date
     407 * @return int Post ID if post exists, 0 otherwise.
     408 */
     409function post_exists($title, $content = '', $date = '') {
    410410    global $wpdb;
    411411
    412     $title = stripslashes($title);
    413     $content = stripslashes($content);
    414     $post_date = stripslashes($post_date);
    415 
    416     if (!empty ($post_date))
    417         $post_date = $wpdb->prepare("AND post_date = %s", $post_date);
    418 
    419     if (!empty ($title))
    420         return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title = %s $post_date", $title) );
    421     else
    422         if (!empty ($content))
    423             return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_content = %s $post_date", $content) );
     412    $post_title = stripslashes( sanitize_post_field( 'post_title', $title, 0, 'db' ) );
     413    $post_content = stripslashes( sanitize_post_field( 'post_content', $content, 0, 'db' ) );   
     414    $post_date = stripslashes( sanitize_post_field( 'post_date', $date, 0, 'db' ) );
     415
     416    $query = "SELECT ID FROM $wpdb->posts WHERE 1=1";
     417    $args = array();
     418
     419    if ( !empty ( $date ) ) {
     420        $query .= ' AND post_date = %s';
     421        $args[] = $post_date;
     422    }
     423
     424    if ( !empty ( $title ) ) {
     425        $query .= ' AND post_title = %s';
     426        $args[] = $post_title;
     427    }
     428
     429    if ( !empty ( $content ) ) {
     430        $query .= 'AND post_content = %s';
     431        $args[] = $post_content;
     432    }
     433   
     434    if ( !empty ( $args ) )
     435        return $wpdb->get_var( $wpdb->prepare($query, $args) );
    424436
    425437    return 0;
Note: See TracChangeset for help on using the changeset viewer.