WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
04/14/2008 04:13:25 PM (18 years ago)
Author:
ryan
Message:

Prepare DB queries in more places. Props filosofo. see #6644

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/taxonomy.php

    r7545 r7645  
    750750
    751751    if ( !empty($taxonomy) )
    752         return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A);
     752        return $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = %s", $taxonomy), ARRAY_A);
    753753
    754754    return $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where");
     
    889889        $where = 'AND count > 0';
    890890
    891     $taxonomy = $wpdb->escape( $taxonomy );
    892     return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = '$taxonomy' $where");
     891    return $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = %s $where", $taxonomy) );
    893892}
    894893
     
    919918        $terms = wp_get_object_terms($object_id, $taxonomy, 'fields=tt_ids');
    920919        $in_terms = "'" . implode("', '", $terms) . "'";
    921         $wpdb->query("DELETE FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id IN ($in_terms)");
     920        $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id IN ($in_terms)", $object_id) );
    922921        wp_update_term_count($terms, $taxonomy);
    923922    }
     
    12941293        if ( $delete_terms ) {
    12951294            $in_delete_terms = "'" . implode("', '", $delete_terms) . "'";
    1296             $wpdb->query("DELETE FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id IN ($in_delete_terms)");
     1295            $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id IN ($in_delete_terms)", $object_id) );
    12971296            wp_update_term_count($delete_terms, $taxonomy);
    12981297        }
Note: See TracChangeset for help on using the changeset viewer.