Changeset 6180 for trunk/wp-includes/post.php

Timestamp:

10/02/2007 06:45:47 PM (18 years ago)

Author:

markjaquith

Message:

prepare() for wp-includes/ link-template.php, post.php, general-template.php, pluggable.php, functions.php. see #4553

File:

• trunk/wp-includes/post.php (modified) (42 diffs)

trunk/wp-includes/post.php

@@ -114 +114 @@
             return get_page($_post, $output);
         else {
-            $query = "SELECT * FROM $wpdb->posts WHERE ID = '$post' LIMIT 1";
-            $_post = & $wpdb->get_row($query);
+            $_post = & $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d LIMIT 1", $post));
             if ( 'page' == $_post->post_type )
                 return get_page($_post, $output);
@@ -224 +223 @@
             foreach ( $incposts as $incpost ) {
                 if (empty($inclusions))
-                    $inclusions = ' AND ( ID = ' . intval($incpost) . ' ';
+                    $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpost);
                 else
-                    $inclusions .= ' OR ID = ' . intval($incpost) . ' ';
+                    $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpost);
             }
         }
@@ -239 +238 @@
             foreach ( $exposts as $expost ) {
                 if (empty($exclusions))
-                    $exclusions = ' AND ( ID <> ' . intval($expost) . ' ';
+                    $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expost);
                 else
-                    $exclusions .= ' AND ID <> ' . intval($expost) . ' ';
+                    $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expost);
             }
         }
@@ -252 +251 @@
     $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";
     $query .= " WHERE 1=1 ";
-    $query .= empty( $post_type ) ? '' : "AND post_type = '$post_type' ";
-    $query .= empty( $post_status ) ? '' : "AND post_status = '$post_status' ";
+    $query .= empty( $post_type ) ? '' : $wpdb->prepare("AND post_type = %s ", $post_type);
+    $query .= empty( $post_status ) ? '' : $wpdb->prepare("AND post_status = %s ", $post_status);
     $query .= "$exclusions $inclusions " ;
-    $query .= empty( $category ) ? '' : "AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = " . $category. ") ";
-    $query .= empty( $post_parent ) ? '' : "AND $wpdb->posts.post_parent = '$post_parent' ";
+    $query .= empty( $category ) ? '' : $wpdb->prepare("AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = %d) ", $category);
+    $query .= empty( $post_parent ) ? '' : $wpdb->prepare("AND $wpdb->posts.post_parent = %d ", $post_parent);
+    // expected_slashed ($meta_key, $meta_value) -- Also, this looks really funky, doesn't seem like it works
     $query .= empty( $meta_key ) | empty($meta_value)  ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )";
     $query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order;
     if ( 0 < $numberposts )
-        $query .= " LIMIT " . $offset . ',' . $numberposts;
+        $query .= $wpdb->prepare(" LIMIT %d,%d", $offset, $numberposts);
 
     $posts = $wpdb->get_results($query);
@@ -276 +276 @@
     global $wpdb, $post_meta_cache, $blog_id;
 
-    $post_id = (int) $post_id;
-
     if ( $unique ) {
-        if ( $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) {
+        // expected_slashed ($key)
+        if ( $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {
             return false;
         }
@@ -287 +286 @@
 
     $value = maybe_serialize($value);
-    $value = $wpdb->escape($value);
-
-    $wpdb->query("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES ('$post_id','$key','$value')");
+
+    // expected_slashed ($key)
+    $wpdb->query($wpdb->prepare("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES (%d,'$key',%s)", $post_id, $value));
 
     return true;
@@ -297 +296 @@
     global $wpdb, $post_meta_cache, $blog_id;
 
-    $post_id = (int) $post_id;
-
     if ( empty($value) ) {
-        $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'");
-    } else {
-        $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'");
+        // expected_slashed ($key)
+        $meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
+    } else {
+        // expected_slashed ($key, $value)
+        $meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
     }
 
@@ -309 +308 @@
 
     if ( empty($value) ) {
-        $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'");
+        // expected_slashed ($key)
+        $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
         unset($post_meta_cache[$blog_id][$post_id][$key]);
     } else {
-        $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'");
+        // expected_slashed ($key, $value)
+        $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
         $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
         if ($cache_key) foreach ( $cache_key as $index => $data )
@@ -353 +354 @@
     global $wpdb, $post_meta_cache, $blog_id;
 
-    $post_id = (int) $post_id;
-
     $original_value = $value;
     $value = maybe_serialize($value);
-    $value = $wpdb->escape($value);
 
     $original_prev = $prev_value;
     $prev_value = maybe_serialize($prev_value);
-    $prev_value = $wpdb->escape($prev_value);
-
-    if (! $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) {
+
+    // expected_slashed ($key)
+    if (! $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {
         return false;
     }
 
     if ( empty($prev_value) ) {
-        $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id'");
+        // expected_slashed ($key)
+        $wpdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d", $value, $post_id));
         $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
         if ( !empty($cache_key) )
@@ -374 +373 @@
                 $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value;
     } else {
-        $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id' AND meta_value = '$prev_value'");
+        // expected_slashed ($key)
+        $wpdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d AND meta_value = %s", $value, $post_id, $prev_value));
         $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
         if ( !empty($cache_key) )
@@ -388 +388 @@
 function delete_post_meta_by_key($post_meta_key) {
     global $wpdb, $post_meta_cache, $blog_id;
-    $post_meta_key = $wpdb->escape($post_meta_key);
-    if ( $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_key = '$post_meta_key'") ) {
+    if ( $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_key = %s", $post_meta_key)) ) {
         unset($post_meta_cache[$blog_id]); // not worth doing the work to iterate through the cache
         return true;
@@ -505 +504 @@
 function wp_delete_post($postid = 0) {
     global $wpdb, $wp_rewrite;
-    $postid = (int) $postid;
-
-    if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = $postid") )
+
+    if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
         return $post;
 
@@ -519 +517 @@
 
     if ( 'page' == $post->post_type )
-        $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'page'");
-
-    $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'attachment'");
-
-    $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = $postid");
-
-    $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = $postid");
-
-    $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $postid");
+        $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = %d AND post_type = 'page'", $postid ));
+
+    $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE post_parent = %d AND post_type = 'attachment'", $post->post_parent, $postid ));
+
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
+
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
+
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d", $postid ));
 
     if ( 'page' == $post->post_type ) {
@@ -695 +693 @@
 
     if ( 'draft' != $post_status ) {
-        $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1");
+        // expected_slashed ($post_name, $post_type)
+        $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
 
         if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) {
@@ -701 +700 @@
             do {
                 $alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix";
-                $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1");
+                // expected_slashed ($alt_post_name, $post_name, $post_type)
+                $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
                 $suffix++;
             } while ($post_name_check);
@@ -709 +709 @@
 
     if ($update) {
+        // expected_slashed (everything!)
         $wpdb->query(
+            $wpdb->prepare(
             "UPDATE IGNORE $wpdb->posts SET
             post_author = '$post_author',
@@ -728 +730 @@
             post_modified = '".current_time('mysql')."',
             post_modified_gmt = '".current_time('mysql',1)."',
-            post_parent = '$post_parent',
+            post_parent = %d,
             menu_order = '$menu_order'
-            WHERE ID = $post_ID");
-    } else {
+            WHERE ID = %d"
+            , $post_parent, $post_ID ));
+    } else {
+        // expected_slashed (everything!)
         $wpdb->query(
+            $wpdb->prepare(
             "INSERT IGNORE INTO $wpdb->posts
             (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt,  post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type)
             VALUES
-            ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type')");
+            ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', %d, '$menu_order', '$post_mime_type')", $post_parent));
             $post_ID = (int) $wpdb->insert_id;
     }
@@ -742 +747 @@
     if ( empty($post_name) && 'draft' != $post_status ) {
         $post_name = sanitize_title($post_title, $post_ID);
-        $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" );
+        // expected_slashed ($post_name)
+        $wpdb->query($wpdb->prepare("UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = %d", $post_ID));
     }
 
@@ -756 +762 @@
     // Set GUID
     if ( ! $update )
-        $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'");
+        $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post_ID), $post_ID ));
 
     $post = get_post($post_ID);
@@ -824 +830 @@
         return;
 
-    $wpdb->query( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = '$post_id'" );
+    $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = %d", $post_id ));
 
     $old_status = $post->post_status;
@@ -884 +890 @@
 function add_ping($post_id, $uri) { // Add a URL to those already pung
     global $wpdb;
-    $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id");
+    $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
     $pung = trim($pung);
     $pung = preg_split('/\s/', $pung);
@@ -890 +896 @@
     $new = implode("\n", $pung);
     $new = apply_filters('add_ping', $new);
-    return $wpdb->query("UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = $post_id");
+    // expected_slashed ($new)
+    return $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = %d", $post_id ));
 }
 
@@ -914 +921 @@
 function get_pung($post_id) { // Get URLs already pung for a post
     global $wpdb;
-    $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id");
+    $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
     $pung = trim($pung);
     $pung = preg_split('/\s/', $pung);
@@ -923 +930 @@
 function get_to_ping($post_id) { // Get any URLs in the todo list
     global $wpdb;
-    $to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_id");
+    $to_ping = $wpdb->get_var( $wpdb->prepare( "SELECT to_ping FROM $wpdb->posts WHERE ID = %d", $post_id ));
     $to_ping = trim($to_ping);
     $to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY);
@@ -1002 +1009 @@
             } else { // it's not in any caches, so off to the DB we go
                 // Why are we using assignment for this query?
-                $_page = & $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID= '$page' LIMIT 1");
+                $_page = & $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID= %d LIMIT 1", $page ));
                 if ( 'post' == $_page->post_type )
                     return get_post($_page, $output);
@@ -1036 +1043 @@
         $full_path .= ($pathdir!=''?'/':'') . sanitize_title($pathdir);
 
-    $pages = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = '$leaf_path' AND post_type='page'");
+    $pages = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = %s AND post_type='page'", $leaf_path ));
 
     if ( empty($pages) )
@@ -1045 +1052 @@
         $curpage = $page;
         while ($curpage->post_parent != 0) {
-            $curpage = $wpdb->get_row("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = '$curpage->post_parent' and post_type='page'");
+            $curpage = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = %d and post_type='page'", $curpage->post_parent ));
             $path = '/' . $curpage->post_name . $path;
         }
@@ -1058 +1065 @@
 function get_page_by_title($page_title, $output = OBJECT) {
     global $wpdb;
-    $page_title = $wpdb->escape($page_title);
-    $page = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$page_title' AND post_type='page'");
+    $page = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title ));
     if ( $page )
         return get_page($page, $output);
@@ -1142 +1148 @@
             foreach ( $incpages as $incpage ) {
                 if (empty($inclusions))
-                    $inclusions = ' AND ( ID = ' . intval($incpage) . ' ';
+                    $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpage);
                 else
-                    $inclusions .= ' OR ID = ' . intval($incpage) . ' ';
+                    $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpage);
             }
         }
@@ -1157 +1163 @@
             foreach ( $expages as $expage ) {
                 if (empty($exclusions))
-                    $exclusions = ' AND ( ID <> ' . intval($expage) . ' ';
+                    $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expage);
                 else
-                    $exclusions .= ' AND ID <> ' . intval($expage) . ' ';
+                    $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expage);
             }
         }
@@ -1183 +1189 @@
 
                 if ( '' == $author_query )
-                    $author_query = ' post_author = ' . intval($post_author) . ' ';
+                    $author_query = $wpdb->prepare(' post_author = %d ', $post_author);
                 else
-                    $author_query .= ' OR post_author = ' . intval($post_author) . ' ';
+                    $author_query .= $wpdb->prepare(' OR post_author = %d ', $post_author);
             }
             if ( '' != $author_query )
@@ -1195 +1201 @@
     $query .= ( empty( $meta_key ) ? "" : ", $wpdb->postmeta " ) ;
     $query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ;
+    // expected_slashed ($meta_key, $meta_value) -- also, it looks funky
     $query .= ( empty( $meta_key ) | empty($meta_value)  ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ;
     $query .= $author_query;
@@ -1235 +1242 @@
             // URL => page name
             $uri = get_page_uri($id);
-            $attachments = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = '$id'");
+            $attachments = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $id ));
             if ( $attachments ) {
                 foreach ( $attachments as $attachment ) {
@@ -1313 +1320 @@
         $post_name = sanitize_title($post_name);
 
+    // expected_slashed ($post_name)
     $post_name_check =
-        $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != '$post_ID' LIMIT 1");
+        $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != %d LIMIT 1", $post_ID));
 
     if ($post_name_check) {
@@ -1320 +1328 @@
         while ($post_name_check) {
             $alt_post_name = $post_name . "-$suffix";
-            $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1");
+            // expected_slashed ($alt_post_name, $post_name)
+            $post_name_check = $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
             $suffix++;
         }
@@ -1362 +1371 @@
 
     if ($update) {
+        // expected_slashed (everything!)
         $wpdb->query(
+            $wpdb->prepare(
             "UPDATE $wpdb->posts SET
             post_author = '$post_author',
@@ -1381 +1392 @@
             post_modified = '".current_time('mysql')."',
             post_modified_gmt = '".current_time('mysql',1)."',
-            post_parent = '$post_parent',
+            post_parent = %d,
             menu_order = '$menu_order',
             post_mime_type = '$post_mime_type',
             guid = '$guid'
-            WHERE ID = $post_ID");
-    } else {
+            WHERE ID = %d", $post_parent, $post_ID));
+    } else {
+        // expected_slashed (everything!)
         $wpdb->query(
+            $wpdb->prepare(
             "INSERT INTO $wpdb->posts
             (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt,  post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type, guid)
             VALUES
-            ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type', '$guid')");
+            ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', %d, '$menu_order', '$post_mime_type', '$guid')", $post_parent ));
             $post_ID = (int) $wpdb->insert_id;
     }
@@ -1397 +1410 @@
     if ( empty($post_name) ) {
         $post_name = sanitize_title($post_title, $post_ID);
-        $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" );
+        // expected_slashed ($post_name)
+        $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = %d", $post_ID));
     }
 
@@ -1418 +1432 @@
 function wp_delete_attachment($postid) {
     global $wpdb;
-    $postid = (int) $postid;
-
-    if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$postid'") )
+
+    if ( !$post = $wpdb->get_row(  $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
         return $post;
 
@@ -1432 +1445 @@
     wp_delete_object_term_relationships($postid, array('category', 'post_tag'));
 
-    $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = '$postid'");
-
-    $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = '$postid'");
-
-    $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$postid'");
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
+
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
+
+    $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d ", $postid ));
 
     if ( ! empty($meta['thumb']) ) {
         // Don't delete the thumb if another attachment uses it
-        if (! $wpdb->get_row("SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE '%".$wpdb->escape($meta['thumb'])."%' AND post_id <> $postid")) {
+        if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%'.$meta['thumb'].'%', $postid)) ) {
             $thumbfile = str_replace(basename($file), $meta['thumb'], $file);
             $thumbfile = apply_filters('wp_delete_file', $thumbfile);
@@ -1832 +1845 @@
     if ( $old_status != 'publish' && $new_status == 'publish' ) {
             // Reset GUID if transitioning to publish.
-            $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post->ID) . "' WHERE ID = '$post->ID'");
+            $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post->ID), $post->ID ));
             do_action('private_to_published', $post->ID);  // Deprecated, use private_to_publish
     }
@@ -1860 +1873 @@
 
     if ( get_option('default_pingback_flag') )
-        $result = $wpdb->query("
+        $result = $wpdb->query( $wpdb->prepare( "
             INSERT INTO $wpdb->postmeta
             (post_id,meta_key,meta_value)
-            VALUES ('$post_id','_pingme','1')
-        ");
-    $result = $wpdb->query("
+            VALUES (%s,'_pingme','1')
+        ", $post_id ));
+    $result = $wpdb->query( $wpdb->prepare( "
         INSERT INTO $wpdb->postmeta
         (post_id,meta_key,meta_value)
-        VALUES ('$post_id','_encloseme','1')
-    ");
+        VALUES (%s,'_encloseme','1')
+    ", $post_id ));
     wp_schedule_single_event(time(), 'do_pings');
 }