Make WordPress Core


Ignore:
Timestamp:
05/21/2015 06:42:49 PM (10 years ago)
Author:
boonebgorges
Message:

Support multiple post types in count_user_posts() and other functions that use get_posts_by_author_sql().

Props nikonratm.
Fixes #32243.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/post.php

    r32355 r32523  
    53285328 * @since 2.2.0
    53295329 *
    5330  * @param string $post_type Post type. Currently only supports 'post' or 'page'.
     5330 * @param string|array $post_type Array or comma-separated string of post types.
     5331 *                                Currently only supports 'post' or 'page'.
    53315332 * @return string SQL code that can be added to a where clause.
    53325333 */
     
    53395340 *
    53405341 * @since 3.0.0
     5342 * @since 4.3.0 Introduced the ability to pass multiple post types to `$post_type`.
    53415343 *
    53425344 * @see get_private_posts_cap_sql()
    53435345 *
    5344  * @param string $post_type   Post type.
    5345  * @param bool   $full        Optional. Returns a full WHERE statement instead of just
    5346  *                            an 'andalso' term. Default true.
    5347  * @param int    $post_author Optional. Query posts having a single author ID. Default null.
    5348  * @param bool   $public_only Optional. Only return public posts. Skips cap checks for
    5349  *                            $current_user.  Default false.
     5346 * @param array|string   $post_type   Array or comma-separated list of post type(s).
     5347 * @param bool           $full        Optional. Returns a full WHERE statement instead of just
     5348 *                                    an 'andalso' term. Default true.
     5349 * @param int            $post_author Optional. Query posts having a single author ID. Default null.
     5350 * @param bool           $public_only Optional. Only return public posts. Skips cap checks for
     5351 *                                    $current_user.  Default false.
    53505352 * @return string SQL WHERE code that can be added to a query.
    53515353 */
     
    53535355    global $wpdb;
    53545356
    5355     // Private posts.
    5356     $post_type_obj = get_post_type_object( $post_type );
    5357     if ( ! $post_type_obj )
    5358         return $full ? 'WHERE 1 = 0' : ' 1 = 0 ';
    5359 
    5360     /**
    5361      * Filter the capability to read private posts for a custom post type
    5362      * when generating SQL for getting posts by author.
    5363      *
    5364      * @since 2.2.0
    5365      * @deprecated 3.2.0 The hook transitioned from "somewhat useless" to "totally useless".
    5366      *
    5367      * @param string $cap Capability.
    5368      */
    5369     if ( ! $cap = apply_filters( 'pub_priv_sql_capability', '' ) ) {
    5370         $cap = $post_type_obj->cap->read_private_posts;
    5371     }
    5372 
    5373     $sql = $wpdb->prepare( 'post_type = %s', $post_type );
     5357    if ( is_array( $post_type ) ) {
     5358        $post_types = $post_type;
     5359    } else {
     5360        $post_types = preg_split( '/[\s,]+/', $post_type );
     5361    }
     5362
     5363    $post_type_clauses = array();
     5364    foreach ( $post_types as $post_type ) {
     5365        $post_type_obj = get_post_type_object( $post_type );
     5366        if ( ! $post_type_obj ) {
     5367            continue;
     5368        }
     5369
     5370        /**
     5371         * Filter the capability to read private posts for a custom post type
     5372         * when generating SQL for getting posts by author.
     5373         *
     5374         * @since 2.2.0
     5375         * @deprecated 3.2.0 The hook transitioned from "somewhat useless" to "totally useless".
     5376         *
     5377         * @param string $cap Capability.
     5378         */
     5379        if ( ! $cap = apply_filters( 'pub_priv_sql_capability', '' ) ) {
     5380            $cap = current_user_can( $post_type_obj->cap->read_private_posts );
     5381        }
     5382
     5383        // Only need to check the cap if $public_only is false.
     5384        $post_status_sql = "post_status = 'publish'";
     5385        if ( false === $public_only ) {
     5386            if ( $cap ) {
     5387                // Does the user have the capability to view private posts? Guess so.
     5388                $post_status_sql .= " OR post_status = 'private'";
     5389            } elseif ( is_user_logged_in() ) {
     5390                // Users can view their own private posts.
     5391                $id = get_current_user_id();
     5392                if ( null === $post_author || ! $full ) {
     5393                    $post_status_sql .= " OR post_status = 'private' AND post_author = $id";
     5394                } elseif ( $id == (int) $post_author ) {
     5395                    $post_status_sql .= " OR post_status = 'private'";
     5396                } // else none
     5397            } // else none
     5398        }
     5399
     5400        $post_type_clauses[] = "( post_type = '" . $post_type . "' AND ( $post_status_sql ) )";
     5401    }
     5402
     5403    if ( empty( $post_type_clauses ) ) {
     5404        return $full ? 'WHERE 1 = 0' : '1 = 0';
     5405    }
     5406
     5407    $sql = '( '. implode( ' OR ', $post_type_clauses ) . ' )';
    53745408
    53755409    if ( null !== $post_author ) {
    53765410        $sql .= $wpdb->prepare( ' AND post_author = %d', $post_author );
    53775411    }
    5378 
    5379     // Only need to check the cap if $public_only is false.
    5380     $post_status_sql = "post_status = 'publish'";
    5381     if ( false === $public_only ) {
    5382         if ( current_user_can( $cap ) ) {
    5383             // Does the user have the capability to view private posts? Guess so.
    5384             $post_status_sql .= " OR post_status = 'private'";
    5385         } elseif ( is_user_logged_in() ) {
    5386             // Users can view their own private posts.
    5387             $id = get_current_user_id();
    5388             if ( null === $post_author || ! $full ) {
    5389                 $post_status_sql .= " OR post_status = 'private' AND post_author = $id";
    5390             } elseif ( $id == (int) $post_author ) {
    5391                 $post_status_sql .= " OR post_status = 'private'";
    5392             } // else none
    5393         } // else none
    5394     }
    5395 
    5396     $sql .= " AND ($post_status_sql)";
    53975412
    53985413    if ( $full ) {
Note: See TracChangeset for help on using the changeset viewer.