Changeset 6241
- Timestamp:
- 10/13/2007 03:51:11 AM (17 years ago)
- Location:
- trunk/wp-includes
- Files:
-
- 3 edited
trunk/wp-includes/registration.php
r5708 r6241 22 22 function email_exists( $email ) { 23 23 global $wpdb; 24 $email = $wpdb->escape( $email ); 25 return $wpdb->get_var( "SELECT ID FROM $wpdb->users WHERE user_email = '$email'" ); 24 return $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_email = %s", $email) ); 26 25 } 27 26 … … 99 98 $user_registered = gmdate('Y-m-d H:i:s'); 100 99 100 $data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name' ); 101 101 102 if ( $update ) { 102 $query = "UPDATE $wpdb->users SET user_pass='$user_pass', user_email='$user_email', user_url='$user_url', user_nicename = '$user_nicename', display_name = '$display_name' WHERE ID = '$ID'"; 103 $query = apply_filters('update_user_query', $query); 104 $wpdb->query( $query ); 103 $wpdb->update( $wpdb->users, $data, compact( 'ID' ) ); 105 104 $user_id = (int) $ID; 106 105 } else { 107 $query = "INSERT INTO $wpdb->users 108 (user_login, user_pass, user_email, user_url, user_registered, user_nicename, display_name) 109 VALUES 110 ('$user_login', '$user_pass', '$user_email', '$user_url', '$user_registered', '$user_nicename', '$display_name')"; 111 $query = apply_filters('create_user_query', $query); 112 $wpdb->query( $query ); 106 $wpdb->insert( $wpdb->users, $data + compact( 'user_login' ) ); 113 107 $user_id = (int) $wpdb->insert_id; 114 108 } … … 146 140 /** 147 141 * Update an user in the database. 148 * @global object $wpdb WordPress database layer.149 142 * @param array $userdata An array of user data. 150 143 * @return int The updated user's ID. 151 144 */ 152 145 function wp_update_user($userdata) { 153 global $wpdb;154 155 146 $ID = (int) $userdata['ID']; 156 147 -
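Review bot: The new insert at line 106 no longer writes `user_registered`: the replaced INSERT listed that column, but `$data` (line 100) omits it and only `user_login` is merged in, so within the visible lines the `$user_registered` value computed just above is unused on this path. Consider `$wpdb->insert( $wpdb->users, $data + compact( 'user_login', 'user_registered' ) );`. Separately, the `update_user_query` and `create_user_query` filters are dropped with no replacement hook, which silently disables any plugin that relied on them; that deserves a comment or a changelog entry. If the values in `$data` were already escaped for the old interpolated queries (not visible in this hunk), they should be unslashed before being handed to `insert()`/`update()` so that doubled backslashes are not stored. The enclosing function starts and ends outside the hunk.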
trunk/wp-includes/rss.php
r6026 r6241 668 668 $cache_timestamp = 'rss_' . $this->file_name( $url ) . '_ts'; 669 669 670 if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_option'") ) 670 // shouldn't these be using get_option() ? 671 if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_option ) ) ) 671 672 add_option($cache_option, '', '', 'no'); 672 if ( !$wpdb->get_var( "SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_timestamp'") )673 if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_timestamp ) ) ) 673 674 add_option($cache_timestamp, '', '', 'no'); 674 675 -
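Review bot: The added comment at line 670 asks a question rather than recording a decision; it would be more useful as an actionable marker such as `// TODO: use the options API here instead of querying $wpdb->options directly`. The two existence checks are identical apart from the option name, so a small loop over `array( $cache_option, $cache_timestamp )` would keep the prepared query in one place. The enclosing method starts and ends outside the hunk.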
trunk/wp-includes/taxonomy.php
r6224 r6241 196 196 extract($args, EXTR_SKIP); 197 197 198 $order = ( 'desc' == strtolower($order) ) ? 'DESC' : 'ASC'; 199 198 200 $terms = array_map('intval', $terms); 199 201 … … 241 243 $term = (int) $term; 242 244 if ( ! $_term = wp_cache_get($term, $taxonomy) ) { 243 $_term = $wpdb->get_row( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = '$term' LIMIT 1");245 $_term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND t.term_id = %s LIMIT 1", $taxonomy, $term) ); 244 246 wp_cache_add($term, $_term, $taxonomy); 245 247 } … … 315 317 } 316 318 317 $term = $wpdb->get_row( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND $field = '$value' LIMIT 1");319 $term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND $field = %s LIMIT 1", $taxonomy, $value) ); 318 320 if ( !$term ) 319 321 return false; … … 467 469 'pad_counts' => false); 468 470 $args = wp_parse_args( $args, $defaults ); 469 $args['number'] = (int) $args['number'];471 $args['number'] = absint( $args['number'] ); 470 472 if ( !$single_taxonomy || !is_taxonomy_hierarchical($taxonomies[0]) || 471 473 '' != $args['parent'] ) { … … 634 636 if ( 0 == $term ) 635 637 return 0; 636 $where = "t.term_id = '$term'";638 $where = $wpdb->prepare( "t.term_id = %d", $term ); 637 639 } else { 638 640 if ( ! 
$term = sanitize_title($term) ) 639 641 return 0; 640 $where = "t.slug = '$term'";642 $where = $wpdb->prepare( "t.slug = %s", $term ); 641 643 } 642 644 … … 646 648 return $term_id; 647 649 650 $taxonomy = $wpdb->escape( $taxonomy ); 648 651 return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A); 649 652 } … … 752 755 $where = 'AND count > 0'; 753 756 757 $taxonomy = $wpdb->escape( $taxonomy ); 754 758 return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = '$taxonomy' $where"); 755 759 } … … 809 813 $parent = $term_obj->parent; 810 814 811 $wpdb-> query("UPDATE $wpdb->term_taxonomy SET parent = '$parent' WHERE parent = '$term_obj->term_id' AND taxonomy = '$taxonomy'");812 } 813 814 $objects = $wpdb->get_col( "SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$tt_id'");815 $wpdb->update( $wpdb->term_taxonomy, compact( $parent ), array( 'parent' => $term_obj->term_id) + compact( $taxonomy ) ); 816 } 817 818 $objects = $wpdb->get_col( $wpdb->prepare( "SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tt_id ) ); 815 819 816 820 foreach ( (array) $objects as $object ) { … … 824 828 } 825 829 826 $wpdb->query( "DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = '$tt_id'");830 $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = %d", $tt_id ) ); 827 831 828 832 // Delete the term if no taxonomies use it. 
829 if ( !$wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = '$term'") )830 $wpdb->query( "DELETE FROM $wpdb->terms WHERE term_id = '$term'");833 if ( !$wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = %d", $term) ) ) 834 $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->terms WHERE term_id = %d", $term) ); 831 835 832 836 clean_term_cache($term, $taxonomy); … … 928 932 $term_group = 0; 929 933 if ( $alias_of ) { 930 $alias = $wpdb->fetch_row( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'");934 $alias = $wpdb->fetch_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); 931 935 if ( $alias->term_group ) { 932 936 // The alias we want is already in a group, so let's use that one. … … 935 939 // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. 936 940 $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; 937 $wpdb->query( "UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id");941 $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $alias->term_id ) ); 938 942 } 939 943 } 940 944 941 945 if ( ! $term_id = is_term($slug) ) { 942 $wpdb-> query("INSERT INTO $wpdb->terms (name, slug, term_group) VALUES ('$name', '$slug', '$term_group')");946 $wpdb->insert( $wpdb->terms, compact( 'name', 'slug', 'term_group' ) ); 943 947 $term_id = (int) $wpdb->insert_id; 944 948 } else if ( is_taxonomy_hierarchical($taxonomy) && !empty($parent) ) { … … 946 950 // by incorporating parent slugs. 
947 951 $slug = wp_unique_term_slug($slug, (object) $args); 948 $wpdb-> query("INSERT INTO $wpdb->terms (name, slug, term_group) VALUES ('$name', '$slug', '$term_group')");952 $wpdb->insert( $wpdb->terms, compact( 'name', 'slug', 'term_group' ) ); 949 953 $term_id = (int) $wpdb->insert_id; 950 954 } … … 952 956 if ( empty($slug) ) { 953 957 $slug = sanitize_title($slug, $term_id); 954 $wpdb-> query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'");955 } 956 957 $tt_id = $wpdb->get_var( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id");958 $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); 959 } 960 961 $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id ) ); 958 962 959 963 if ( !empty($tt_id) ) 960 964 return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id); 961 965 962 $wpdb-> query("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ('$term_id', '$taxonomy', '$description', '$parent', '0')");966 $wpdb->insert( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent') + array( 'count' => 0 ) ); 963 967 $tt_id = (int) $wpdb->insert_id; 964 968 … … 1012 1016 $tt_ids[] = $id; 1013 1017 1014 if ( $wpdb->get_var( "SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id = '$id'") )1018 if ( $wpdb->get_var( $wpdb->prepare( "SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id = %d", $object_id, $id ) ) ) 1015 1019 continue; 1016 $wpdb-> query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ('$object_id', '$id')");1020 $wpdb->insert( 
$wpdb->term_relationships, array( 'object_id' => $object_id, 'term_taxonomy_id' => $id ) ); 1017 1021 } 1018 1022 … … 1050 1054 1051 1055 // If we didn't get a unique slug, try appending a number to make it unique. 1052 if ( $wpdb->get_var( "SELECT slug FROM $wpdb->terms WHERE slug = '$slug'") ) {1056 if ( $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $slug ) ) ) { 1053 1057 $num = 2; 1054 1058 do { 1055 1059 $alt_slug = $slug . "-$num"; 1056 1060 $num++; 1057 $slug_check = $wpdb->get_var( "SELECT slug FROM $wpdb->terms WHERE slug = '$alt_slug'");1061 $slug_check = $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug ) ); 1058 1062 } while ( $slug_check ); 1059 1063 $slug = $alt_slug; … … 1092 1096 1093 1097 if ( $alias_of ) { 1094 $alias = $wpdb->fetch_row( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'");1098 $alias = $wpdb->fetch_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); 1095 1099 if ( $alias->term_group ) { 1096 1100 // The alias we want is already in a group, so let's use that one. … … 1099 1103 // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. 1100 1104 $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; 1101 $wpdb-> query("UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id");1105 $wpdb->update( $wpdb->terms, compact('term_group'), array( 'term_id' => $alias->term_id ) ); 1102 1106 } 1103 1107 } 1104 1108 1105 1109 // Check for duplicate slug 1106 $id = $wpdb->get_var( "SELECT term_id FROM $wpdb->terms WHERE slug = '$slug'");1110 $id = $wpdb->get_var( $wpdb->prepare( "SELECT term_id FROM $wpdb->terms WHERE slug = %s", $slug ) ); 1107 1111 if ( $id && ($id != $term_id) ) { 1108 1112 // If an empty slug was passed, reset the slug to something unique. 
… … 1114 1118 } 1115 1119 1116 $wpdb-> query("UPDATE $wpdb->terms SET name = '$name', slug = '$slug', term_group = '$term_group' WHERE term_id = '$term_id'");1120 $wpdb->update($wpdb->terms, compact( 'name', 'slug', 'term_group' ), compact( 'term_id' ) ); 1117 1121 1118 1122 if ( empty($slug) ) { 1119 1123 $slug = sanitize_title($name, $term_id); 1120 $wpdb-> query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'");1121 } 1122 1123 $tt_id = $wpdb->get_var( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id");1124 1125 $wpdb-> query("UPDATE $wpdb->term_taxonomy SET term_id = '$term_id', taxonomy = '$taxonomy', description = '$description', parent = '$parent' WHERE term_taxonomy_id = '$tt_id'");1124 $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); 1125 } 1126 1127 $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id) ); 1128 1129 $wpdb->update( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent' ), array( 'term_taxnonoy_id' => $tt_id ) ); 1126 1130 1127 1131 do_action("edit_term", $term_id, $tt_id); … … 1155 1159 // Default count updater 1156 1160 foreach ($terms as $term) { 1157 $count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$term'");1158 $wpdb-> query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'");1161 $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $term) ); 1162 $wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxnomy_id' => $term ) ); 1159 1163 } 1160 1164 … … 1389 1393 1390 1394 foreach ( $terms as $term ) { 1391 $count = 
$wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = '$term'");1392 $wpdb-> query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'");1395 $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = %d", $term ) ); 1396 $wpdb->update( $wpdb->term_taxnomoy, compact( 'count' ), array( 'term_taxnomy_id' => $term ) ); 1393 1397 } 1394 1398 }
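Review bot: The where-arrays at new lines 1129, 1162 and 1396 use misspelled column names (`'term_taxnonoy_id'`, `'term_taxnomy_id'`), and line 1396 also passes `$wpdb->term_taxnomoy` as the table, so these updates cannot match the `term_taxonomy_id` column that the surrounding queries use and will presumably fail instead of updating the row. Each should read `array( 'term_taxonomy_id' => ... )` against `$wpdb->term_taxonomy`. Line 815 has a related slip: `compact( $parent )` and `compact( $taxonomy )` pass the variables' values as names, where `compact( 'parent' )` and `compact( 'taxonomy' )` are what the replaced UPDATE expressed. At line 319 `$field` is still interpolated into the prepared string; its assignment is outside the hunk, so confirm it can only hold fixed column names. All the enclosing functions start or end outside their hunks.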