WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
04/14/2008 04:13:25 PM (18 years ago)
Author:
ryan
Message:

Prepare DB queries in more places. Props filosofo. see #6644

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/post.php

    r7638 r7645  
    475475    $query .= empty( $post_parent ) ? '' : $wpdb->prepare("AND $wpdb->posts.post_parent = %d ", $post_parent);
    476476    // expected_slashed ($meta_key, $meta_value) -- Also, this looks really funky, doesn't seem like it works
    477     $query .= empty( $meta_key ) | empty($meta_value)  ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )";
     477    $query .= empty( $meta_key ) | empty($meta_value)  ? '' : $wpdb->prepare(" AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = %s AND $wpdb->postmeta.meta_value = %s )", $meta_key, $meta_value);
    478478    $query .= empty( $post_mime_type ) ? '' : wp_post_mime_type_where($post_mime_type);
    479479    $query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order;
     
    19611961    $query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ;
    19621962    // expected_slashed ($meta_key, $meta_value) -- also, it looks funky
    1963     $query .= ( empty( $meta_key ) | empty($meta_value)  ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ;
     1963    $query .= ( empty( $meta_key ) | empty($meta_value)  ? "" : $wpdb->prepare(" AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = %s AND $wpdb->postmeta.meta_value = %s )", $meta_key, $meta_value) ) ;
    19641964    $query .= $author_query;
    19651965    $query .= " ORDER BY " . $sort_column . " " . $sort_order ;
     
    27382738    do_action('clean_page_cache', $id);
    27392739
    2740     if ( $children = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_parent = '$id'" ) )
     2740    if ( $children = $wpdb->get_col( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_parent = %d", $id) ) )
    27412741        foreach( $children as $cid )
    27422742            clean_post_cache( $cid );
     
    29752975
    29762976    $id = $_post->ancestors[] = $_post->post_parent;
    2977     while ( $ancestor = $wpdb->get_var("SELECT `post_parent` FROM $wpdb->posts WHERE ID= '{$id}' LIMIT 1") ) {
     2977    while ( $ancestor = $wpdb->get_var( $wpdb->prepare("SELECT `post_parent` FROM $wpdb->posts WHERE ID = %d LIMIT 1", $id) ) ) {
    29782978        if ( $id == $ancestor )
    29792979            break;
Note: See TracChangeset for help on using the changeset viewer.