Index: src/wp-admin/comment.php =================================================================== --- src/wp-admin/comment.php (revision 28747) +++ src/wp-admin/comment.php (working copy) @@ -99,7 +99,7 @@ } // No need to re-approve/re-trash/re-spam a comment. - if ( $action == str_replace( '1', 'approve', $comment->comment_approved ) ) { + if ( $action == str_replace( WP_STATUS_ON, 'approve', $comment->comment_approved ) ) { wp_redirect( admin_url( 'edit-comments.php?same=' . $comment_id ) ); die(); } @@ -137,7 +137,7 @@ break; } -if ( $comment->comment_approved != '0' ) { // if not unapproved +if ( $comment->comment_approved != WP_STATUS_OFF ) { // if not unapproved $message = ''; switch ( $comment->comment_approved ) { case '1' : @@ -236,31 +236,31 @@ switch ( $action ) { case 'deletecomment' : wp_delete_comment( $comment_id ); - $redir = add_query_arg( array('deleted' => '1'), $redir ); + $redir = add_query_arg( array( 'deleted' => WP_STATUS_ON ), $redir ); break; case 'trashcomment' : wp_trash_comment($comment_id); - $redir = add_query_arg( array('trashed' => '1', 'ids' => $comment_id), $redir ); + $redir = add_query_arg( array( 'trashed' => WP_STATUS_ON, 'ids' => $comment_id ), $redir ); break; case 'untrashcomment' : wp_untrash_comment($comment_id); - $redir = add_query_arg( array('untrashed' => '1'), $redir ); + $redir = add_query_arg( array( 'untrashed' => WP_STATUS_ON ), $redir ); break; case 'spamcomment' : wp_spam_comment($comment_id); - $redir = add_query_arg( array('spammed' => '1', 'ids' => $comment_id), $redir ); + $redir = add_query_arg( array( 'spammed' => WP_STATUS_ON, 'ids' => $comment_id ), $redir ); break; case 'unspamcomment' : wp_unspam_comment($comment_id); - $redir = add_query_arg( array('unspammed' => '1'), $redir ); + $redir = add_query_arg( array( 'unspammed' => WP_STATUS_ON ), $redir ); break; case 'approvecomment' : wp_set_comment_status( $comment_id, 'approve' ); - $redir = add_query_arg( array( 'approved' => 1 ), $redir ); + $redir = add_query_arg( array( 'approved' => WP_STATUS_ON ), $redir ); break; case 'unapprovecomment' : wp_set_comment_status( $comment_id, 'hold' ); - $redir = add_query_arg( array( 'unapproved' => 1 ), $redir ); + $redir = add_query_arg( array( 'unapproved' => WP_STATUS_ON ), $redir ); break; } Index: src/wp-admin/edit-comments.php =================================================================== --- src/wp-admin/edit-comments.php (revision 28747) +++ src/wp-admin/edit-comments.php (working copy) @@ -205,7 +205,7 @@ if ( $same > 0 && $comment = get_comment( $same ) ) { switch ( $comment->comment_approved ) { - case '1' : + case WP_STATUS_ON : $messages[] = __('This comment is already approved.') . ' ' . __( 'Edit comment' ) . ''; break; case 'trash' : Index: src/wp-admin/edit-form-comment.php =================================================================== --- src/wp-admin/edit-form-comment.php (revision 28747) +++ src/wp-admin/edit-form-comment.php (working copy) @@ -86,8 +86,8 @@
-
-
+
+
Index: src/wp-admin/includes/class-wp-comments-list-table.php =================================================================== --- src/wp-admin/includes/class-wp-comments-list-table.php (revision 28747) +++ src/wp-admin/includes/class-wp-comments-list-table.php (working copy) @@ -477,7 +477,7 @@ if ( ( 'reply' == $action || 'quickedit' == $action ) && ! defined('DOING_AJAX') ) $action .= ' hide-if-no-js'; elseif ( ( $action == 'untrash' && $the_comment_status == 'trash' ) || ( $action == 'unspam' && $the_comment_status == 'spam' ) ) { - if ( '1' == get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ) ) + if ( WP_STATUS_ON == get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ) ) $action .= ' approve'; else $action .= ' unapprove'; Index: src/wp-admin/includes/class-wp-ms-sites-list-table.php =================================================================== --- src/wp-admin/includes/class-wp-ms-sites-list-table.php (revision 28747) +++ src/wp-admin/includes/class-wp-ms-sites-list-table.php (working copy) @@ -262,17 +262,17 @@ $actions['edit'] = '' . __( 'Edit' ) . ''; $actions['backend'] = "" . __( 'Dashboard' ) . ''; if ( get_current_site()->blog_id != $blog['blog_id'] ) { - if ( get_blog_status( $blog['blog_id'], 'deleted' ) == '1' ) + if ( get_blog_status( $blog['blog_id'], 'deleted' ) == WP_STATUS_ON ) $actions['activate'] = '' . __( 'Activate' ) . ''; else $actions['deactivate'] = '' . __( 'Deactivate' ) . ''; - if ( get_blog_status( $blog['blog_id'], 'archived' ) == '1' ) + if ( get_blog_status( $blog['blog_id'], 'archived' ) == WP_STATUS_ON ) $actions['unarchive'] = '' . __( 'Unarchive' ) . ''; else $actions['archive'] = '' . _x( 'Archive', 'verb; site' ) . ''; - if ( get_blog_status( $blog['blog_id'], 'spam' ) == '1' ) + if ( get_blog_status( $blog['blog_id'], 'spam' ) == WP_STATUS_ON ) $actions['unspam'] = '' . _x( 'Not Spam', 'site' ) . ''; else $actions['spam'] = '' . _x( 'Spam', 'site' ) . ''; Index: src/wp-admin/includes/comment.php =================================================================== --- src/wp-admin/includes/comment.php (revision 28747) +++ src/wp-admin/includes/comment.php (working copy) @@ -128,7 +128,11 @@ $post_id_array = array_map('intval', $post_id_array); $post_id_in = "'" . implode("', '", $post_id_array) . "'"; - $pending = $wpdb->get_results( "SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN ( $post_id_in ) AND comment_approved = '0' GROUP BY comment_post_ID", ARRAY_A ); + $sql = $wpdb->prepare( + "SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN ( $post_id_in ) AND comment_approved = %s GROUP BY comment_post_ID", + WP_STATUS_OFF + ); + $pending = $wpdb->get_results( $sql, ARRAY_A ); if ( $single ) { if ( empty($pending) ) Index: src/wp-admin/includes/dashboard.php =================================================================== --- src/wp-admin/includes/dashboard.php (revision 28747) +++ src/wp-admin/includes/dashboard.php (working copy) @@ -272,7 +272,7 @@ update_right_now_message(); // Check if search engines are asked not to index this site. - if ( ! is_network_admin() && ! is_user_admin() && current_user_can( 'manage_options' ) && '1' != get_option( 'blog_public' ) ) { + if ( ! is_network_admin() && ! is_user_admin() && current_user_can( 'manage_options' ) && WP_STATUS_ON != get_option( 'blog_public' ) ) { /** * Filter the link title attribute for the 'Search Engines Discouraged' Index: src/wp-admin/includes/upgrade.php =================================================================== --- src/wp-admin/includes/upgrade.php (revision 28747) +++ src/wp-admin/includes/upgrade.php (working copy) @@ -712,7 +712,11 @@ $wpdb->show_errors(); // populate comment_count field of posts table - $comments = $wpdb->get_results( "SELECT comment_post_ID, COUNT(*) as c FROM $wpdb->comments WHERE comment_approved = '1' GROUP BY comment_post_ID" ); + $sql = $wpdb->prepare( + "SELECT comment_post_ID, COUNT(*) as c FROM $wpdb->comments WHERE comment_approved = %s GROUP BY comment_post_ID", + WP_STATUS_ON + ); + $comments = $wpdb->get_results( $sql ); if ( is_array( $comments ) ) foreach ($comments as $comment) $wpdb->update( $wpdb->posts, array('comment_count' => $comment->c), array('ID' => $comment->comment_post_ID) ); @@ -1079,7 +1083,7 @@ if ( $wp_current_db_version < 11958 ) { // Previously, setting depth to 1 would redundantly disable threading, but now 2 is the minimum depth to avoid confusion - if ( get_option( 'thread_comments_depth' ) == '1' ) { + if ( get_option( 'thread_comments_depth' ) == WP_STATUS_ON ) { update_option( 'thread_comments_depth', 2 ); update_option( 'thread_comments', 0 ); } @@ -1344,7 +1348,7 @@ // 3.0 if ( $wp_current_db_version < 13576 ) - update_site_option( 'global_terms_enabled', '1' ); + update_site_option( 'global_terms_enabled', WP_STATUS_ON ); // 3.3 if ( $wp_current_db_version < 19390 ) @@ -1374,7 +1378,7 @@ // 3.5 if ( $wp_current_db_version < 21823 ) - update_site_option( 'ms_files_rewriting', '1' ); + update_site_option( 'ms_files_rewriting', WP_STATUS_ON ); // 3.5.2 if ( $wp_current_db_version < 24448 ) { @@ -1404,7 +1408,7 @@ */ function maybe_create_table($table_name, $create_ddl) { global $wpdb; - + $query = $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->esc_like( $table_name ) ); if ( $wpdb->get_var( $query ) == $table_name ) { Index: src/wp-admin/includes/user.php =================================================================== --- src/wp-admin/includes/user.php (revision 28747) +++ src/wp-admin/includes/user.php (working copy) @@ -394,7 +394,7 @@ return; //get_user_setting = JS saved UI setting. else no-js-fallback code. - if ( 'hide' == get_user_setting('default_password_nag') || isset($_GET['default_password_nag']) && '0' == $_GET['default_password_nag'] ) { + if ( 'hide' == get_user_setting('default_password_nag') || isset($_GET['default_password_nag']) && WP_STATUS_OFF == $_GET['default_password_nag'] ) { delete_user_setting('default_password_nag'); update_user_option($user_ID, 'default_password_nag', false, true); } Index: src/wp-admin/ms-delete-site.php =================================================================== --- src/wp-admin/ms-delete-site.php (revision 28747) +++ src/wp-admin/ms-delete-site.php (working copy) @@ -34,7 +34,7 @@ echo '
'; echo '

' . esc_html( $title ) . '

'; -if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) { +if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == WP_STATUS_ON ) { check_admin_referer( 'delete-blog' ); $hash = wp_generate_password( 20, false ); Index: src/wp-admin/network/sites.php =================================================================== --- src/wp-admin/network/sites.php (revision 28747) +++ src/wp-admin/network/sites.php (working copy) @@ -124,7 +124,7 @@ case 'spam': case 'notspam': $updated_action = ( 'spam' === $doaction ) ? 'all_spam' : 'all_notspam'; - update_blog_status( $val, 'spam', ( 'spam' === $doaction ) ? '1' : '0' ); + update_blog_status( $val, 'spam', ( 'spam' === $doaction ) ? WP_STATUS_ON : WP_STATUS_OFF ); break; } } else { @@ -139,11 +139,11 @@ case 'archiveblog': case 'unarchiveblog': - update_blog_status( $id, 'archived', ( 'archiveblog' === $_GET['action'] ) ? '1' : '0' ); + update_blog_status( $id, 'archived', ( 'archiveblog' === $_GET['action'] ) ? WP_STATUS_ON : WP_STATUS_OFF ); break; case 'activateblog': - update_blog_status( $id, 'deleted', '0' ); + update_blog_status( $id, 'deleted', WP_STATUS_OFF ); /** * Fires after a network site is activated. @@ -164,17 +164,17 @@ * @param string $id The ID of the site being deactivated. */ do_action( 'deactivate_blog', $id ); - update_blog_status( $id, 'deleted', '1' ); + update_blog_status( $id, 'deleted', WP_STATUS_ON ); break; case 'unspamblog': case 'spamblog': - update_blog_status( $id, 'spam', ( 'spamblog' === $_GET['action'] ) ? '1' : '0' ); + update_blog_status( $id, 'spam', ( 'spamblog' === $_GET['action'] ) ? WP_STATUS_ON : WP_STATUS_OFF ); break; case 'unmatureblog': case 'matureblog': - update_blog_status( $id, 'mature', ( 'matureblog' === $_GET['action'] ) ? '1' : '0' ); + update_blog_status( $id, 'mature', ( 'matureblog' === $_GET['action'] ) ? WP_STATUS_ON : WP_STATUS_OFF ); break; } Index: src/wp-admin/network/themes.php =================================================================== --- src/wp-admin/network/themes.php (revision 28747) +++ src/wp-admin/network/themes.php (working copy) @@ -44,7 +44,7 @@ check_admin_referer('disable-theme_' . $_GET['theme']); unset( $allowed_themes[ $_GET['theme'] ] ); update_site_option( 'allowedthemes', $allowed_themes ); - wp_safe_redirect( add_query_arg( 'disabled', '1', $referer ) ); + wp_safe_redirect( add_query_arg( 'disabled', WP_STATUS_ON, $referer ) ); exit; case 'enable-selected': check_admin_referer('bulk-themes'); Index: src/wp-admin/network/upgrade.php =================================================================== --- src/wp-admin/network/upgrade.php (revision 28747) +++ src/wp-admin/network/upgrade.php (working copy) @@ -52,7 +52,13 @@ update_site_option( 'wpmu_upgrade_site', $wp_db_version ); } - $blogs = $wpdb->get_results( "SELECT * FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' AND spam = '0' AND deleted = '0' AND archived = '0' ORDER BY registered DESC LIMIT {$n}, 5", ARRAY_A ); + $sql = $wpdb->prepare( + "SELECT * FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' AND spam = %s AND deleted = %s AND archived = %s ORDER BY registered DESC LIMIT {$n}, 5", + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF + ); + $blogs = $wpdb->get_results( $sql, ARRAY_A ); if ( empty( $blogs ) ) { echo '

' . __( 'All done!' ) . '

'; break; Index: src/wp-admin/network/users.php =================================================================== --- src/wp-admin/network/users.php (revision 28747) +++ src/wp-admin/network/users.php (working copy) @@ -144,9 +144,9 @@ $blogs = get_blogs_of_user( $val, true ); foreach ( (array) $blogs as $key => $details ) { if ( $details->userblog_id != $current_site->blog_id ) // main blog not a spam ! - update_blog_status( $details->userblog_id, 'spam', '1' ); + update_blog_status( $details->userblog_id, 'spam', WP_STATUS_ON ); } - update_user_status( $val, 'spam', '1' ); + update_user_status( $val, 'spam', WP_STATUS_ON ); break; case 'notspam': @@ -153,9 +153,9 @@ $userfunction = 'all_notspam'; $blogs = get_blogs_of_user( $val, true ); foreach ( (array) $blogs as $key => $details ) - update_blog_status( $details->userblog_id, 'spam', '0' ); + update_blog_status( $details->userblog_id, 'spam', WP_STATUS_OFF ); - update_user_status( $val, 'spam', '0' ); + update_user_status( $val, 'spam', WP_STATUS_OFF ); break; } } Index: src/wp-includes/class-wp-editor.php =================================================================== --- src/wp-includes/class-wp-editor.php (revision 28747) +++ src/wp-includes/class-wp-editor.php (working copy) @@ -1379,7 +1379,7 @@ * @since 3.1.0 */ public static function wp_link_dialog() { - $search_panel_visible = '1' == get_user_setting( 'wplink', '0' ) ? ' search-panel-visible' : ''; + $search_panel_visible = WP_STATUS_ON == get_user_setting( 'wplink', WP_STATUS_OFF ) ? ' search-panel-visible' : ''; // display: none is required here, see #WP27605 ?> Index: src/wp-includes/class-wp-xmlrpc-server.php =================================================================== --- src/wp-includes/class-wp-xmlrpc-server.php (revision 28747) +++ src/wp-includes/class-wp-xmlrpc-server.php (working copy) @@ -970,11 +970,11 @@ $comment_date = $this->_convert_date( $comment->comment_date ); $comment_date_gmt = $this->_convert_date_gmt( $comment->comment_date_gmt, $comment->comment_date ); - if ( '0' == $comment->comment_approved ) + if ( WP_STATUS_OFF == $comment->comment_approved ) $comment_status = 'hold'; else if ( 'spam' == $comment->comment_approved ) $comment_status = 'spam'; - else if ( '1' == $comment->comment_approved ) + else if ( WP_STATUS_ON == $comment->comment_approved ) $comment_status = 'approve'; else $comment_status = $comment->comment_approved; @@ -5163,8 +5163,8 @@ // Get the post author info. $author = get_userdata($entry['post_author']); - $allow_comments = ('open' == $entry['comment_status']) ? 1 : 0; - $allow_pings = ('open' == $entry['ping_status']) ? 1 : 0; + $allow_comments = ( 'open' == $entry['comment_status'] ) ? WP_STATUS_ON : WP_STATUS_OFF; + $allow_pings = ( 'open' == $entry['ping_status'] ) ? WP_STATUS_ON : WP_STATUS_OFF; // Consider future posts as published if ( $entry['post_status'] === 'future' ) Index: src/wp-includes/comment-template.php =================================================================== --- src/wp-includes/comment-template.php (revision 28747) +++ src/wp-includes/comment-template.php (working copy) @@ -1101,11 +1101,26 @@ /** @todo Use API instead of SELECTs. */ if ( $user_ID) { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND (comment_approved = '1' OR ( user_id = %d AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, $user_ID)); + $sql = $wpdb->prepare( + "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND (comment_approved = %s OR ( user_id = %d AND comment_approved = %s ) ) ORDER BY comment_date_gmt", + $post->ID, + WP_STATUS_ON, + $user_ID, + WP_STATUS_OFF + ); + $comments = $wpdb->get_results( $sql ); } else if ( empty($comment_author) ) { $comments = get_comments( array('post_id' => $post->ID, 'status' => 'approve', 'order' => 'ASC') ); } else { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, wp_specialchars_decode($comment_author,ENT_QUOTES), $comment_author_email)); + $sql = $wpdb->prepare( + "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = %s OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = %s ) ) ORDER BY comment_date_gmt", + $post->ID, + WP_STATUS_ON, + wp_specialchars_decode( $comment_author, ENT_QUOTES ), + $comment_author_email, + WP_STATUS_OFF + ); + $comments = $wpdb->get_results( $sql ); } /** @@ -1792,7 +1807,7 @@ %s says:' ), get_comment_author_link() ); ?>
- comment_approved ) : ?> + comment_approved ) : ?>
@@ -1847,7 +1862,7 @@ ', '' ); ?>
- comment_approved ) : ?> + comment_approved ) : ?>

Index: src/wp-includes/comment.php =================================================================== --- src/wp-includes/comment.php (revision 28747) +++ src/wp-includes/comment.php (working copy) @@ -92,7 +92,11 @@ if ( 1 == get_option('comment_whitelist')) { if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '' ) { // expected_slashed ($author, $email) - $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); + $sql = $wpdb->prepare( + "SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = %s LIMIT 1", + WP_STATUS_ON + ); + $ok_to_comment = $wpdb->get_var( $sql ); if ( ( 1 == $ok_to_comment ) && ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) return true; @@ -116,7 +120,12 @@ */ function get_approved_comments($post_id) { global $wpdb; - return $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1' ORDER BY comment_date", $post_id)); + $sql = $wpdb->prepare( + "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = %s ORDER BY comment_date", + $post_id, + WP_STATUS_ON + ); + return $wpdb->get_results( $sql ); } /** @@ -302,13 +311,13 @@ $status = $this->query_vars['status']; if ( 'hold' == $status ) { - $approved = "comment_approved = '0'"; + $approved = $wpdb->prepare( "comment_approved = %s", WP_STATUS_OFF ); } elseif ( 'approve' == $status ) { - $approved = "comment_approved = '1'"; + $approved = $wpdb->prepare( "comment_approved = %s", WP_STATUS_ON ); } elseif ( ! empty( $status ) && 'all' != $status ) { $approved = $wpdb->prepare( "comment_approved = %s", $status ); } else { - $approved = "( comment_approved = '0' OR comment_approved = '1' )"; + $approved = $wpdb->prepare( "( comment_approved = %s OR comment_approved = %s )", WP_STATUS_OFF, WP_STATUS_ON ); } $order = ( 'ASC' == strtoupper( $this->query_vars['order'] ) ) ? 'ASC' : 'DESC'; @@ -543,13 +552,26 @@ switch ( strtolower($timezone)) { case 'gmt': - $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); + $sql = $wpdb->prepare( + "SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_approved = %s ORDER BY comment_date_gmt DESC LIMIT 1", + WP_STATUS_ON + ); + $lastcommentmodified = $wpdb->get_var( $sql ); break; case 'blog': - $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); + $sql = $wpdb->prepare( + "SELECT comment_date FROM $wpdb->comments WHERE comment_approved = %s ORDER BY comment_date_gmt DESC LIMIT 1", + WP_STATUS_ON + ); + $lastcommentmodified = $wpdb->get_var( $sql ); break; case 'server': - $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $add_seconds_server)); + $sql = $wpdb->prepare( + "SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_approved = %s ORDER BY comment_date_gmt DESC LIMIT 1", + $add_seconds_server, + WP_STATUS_ON + ); + $lastcommentmodified = $wpdb->get_var( $sql ); break; } @@ -1067,7 +1089,13 @@ $comtypewhere = ( 'all' != $args['type'] && isset($allowedtypes[$args['type']]) ) ? " AND comment_type = '" . $allowedtypes[$args['type']] . "'" : ''; // Count comments older than this one - $oldercoms = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = 0 AND comment_approved = '1' AND comment_date_gmt < '%s'" . $comtypewhere, $comment->comment_post_ID, $comment->comment_date_gmt ) ); + $sql = $wpdb->prepare( + "SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = 0 AND comment_approved = %s AND comment_date_gmt < '%s'" . $comtypewhere, + $comment->comment_post_ID, + WP_STATUS_ON, + $comment->comment_date_gmt + ); + $oldercoms = $wpdb->get_var( $sql ); // No older comments? Then it's page #1. if ( 0 == $oldercoms ) @@ -1339,9 +1367,9 @@ do_action( 'untrash_comment', $comment_id ); $status = (string) get_comment_meta($comment_id, '_wp_trash_meta_status', true); - if ( empty($status) ) - $status = '0'; - + if ( empty( $status ) ) { + $status = WP_STATUS_OFF; + } if ( wp_set_comment_status($comment_id, $status) ) { delete_comment_meta($comment_id, '_wp_trash_meta_time'); delete_comment_meta($comment_id, '_wp_trash_meta_status'); @@ -1418,9 +1446,9 @@ do_action( 'unspam_comment', $comment_id ); $status = (string) get_comment_meta($comment_id, '_wp_trash_meta_status', true); - if ( empty($status) ) - $status = '0'; - + if ( empty( $status ) ) { + $status = WP_STATUS_OFF; + } if ( wp_set_comment_status($comment_id, $status) ) { delete_comment_meta($comment_id, '_wp_trash_meta_status'); /** @@ -1454,9 +1482,9 @@ if ( $approved == null ) return false; - elseif ( $approved == '1' ) + elseif ( $approved == WP_STATUS_ON ) return 'approved'; - elseif ( $approved == '0' ) + elseif ( $approved == WP_STATUS_OFF ) return 'unapproved'; elseif ( $approved == 'spam' ) return 'spam'; @@ -1786,7 +1814,7 @@ do_action( 'comment_post', $comment_ID, $commentdata['comment_approved'] ); if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching - if ( '0' == $commentdata['comment_approved'] ) { + if ( WP_STATUS_OFF == $commentdata['comment_approved'] ) { wp_notify_moderator( $comment_ID ); } @@ -1819,12 +1847,12 @@ switch ( $comment_status ) { case 'hold': - case '0': - $status = '0'; + case WP_STATUS_OFF: + $status = WP_STATUS_OFF; break; case 'approve': - case '1': - $status = '1'; + case WP_STATUS_ON: + $status = WP_STATUS_ON; if ( get_option('comments_notify') ) { wp_notify_postauthor( $comment_id ); } @@ -2030,7 +2058,12 @@ return false; $old = (int) $post->comment_count; - $new = (int) $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1'", $post_id) ); + $sql = $wpdb->prepare( + "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = %s", + $post_id, + WP_STATUS_ON + ); + $new = (int) $wpdb->get_var( $sql ); $wpdb->update( $wpdb->posts, array('comment_count' => $new), array('ID' => $post_id) ); clean_post_cache( $post ); @@ -2324,7 +2357,7 @@ * @return mixed Empty string if blog is not public, returns $sites, if site is public. */ function privacy_ping_filter($sites) { - if ( '0' != get_option('blog_public') ) + if ( WP_STATUS_OFF != get_option('blog_public') ) return $sites; else return ''; Index: src/wp-includes/default-constants.php =================================================================== --- src/wp-includes/default-constants.php (revision 28747) +++ src/wp-includes/default-constants.php (working copy) @@ -15,6 +15,10 @@ function wp_initial_constants() { global $blog_id; + // avoid magic numbers + define( 'WP_STATUS_ON', 1 ); + define( 'WP_STATUS_OFF', 0 ); + // set memory limits if ( !defined('WP_MEMORY_LIMIT') ) { if( is_multisite() ) { Index: src/wp-includes/default-widgets.php =================================================================== --- src/wp-includes/default-widgets.php (revision 28747) +++ src/wp-includes/default-widgets.php (working copy) @@ -273,8 +273,8 @@ } public function widget( $args, $instance ) { - $c = ! empty( $instance['count'] ) ? '1' : '0'; - $d = ! empty( $instance['dropdown'] ) ? '1' : '0'; + $c = ! empty( $instance['count'] ) ? WP_STATUS_ON : WP_STATUS_OFF; + $d = ! empty( $instance['dropdown'] ) ? WP_STATUS_ON : WP_STATUS_OFF; /** This filter is documented in wp-includes/default-widgets.php */ $title = apply_filters( 'widget_title', empty( $instance['title'] ) ? __( 'Archives' ) : $instance['title'], $instance, $this->id_base ); @@ -547,9 +547,9 @@ /** This filter is documented in wp-includes/default-widgets.php */ $title = apply_filters( 'widget_title', empty( $instance['title'] ) ? __( 'Categories' ) : $instance['title'], $instance, $this->id_base ); - $c = ! empty( $instance['count'] ) ? '1' : '0'; - $h = ! empty( $instance['hierarchical'] ) ? '1' : '0'; - $d = ! empty( $instance['dropdown'] ) ? '1' : '0'; + $c = ! empty( $instance['count'] ) ? WP_STATUS_ON : WP_STATUS_OFF; + $h = ! empty( $instance['hierarchical'] ) ? WP_STATUS_ON : WP_STATUS_OFF; + $d = ! empty( $instance['dropdown'] ) ? WP_STATUS_ON : WP_STATUS_OFF; echo $args['before_widget']; if ( $title ) { Index: src/wp-includes/feed-rdf.php =================================================================== --- src/wp-includes/feed-rdf.php (revision 28747) +++ src/wp-includes/feed-rdf.php (working copy) @@ -33,7 +33,7 @@ - + 2000-01-01T12:00+00:00 - + get_results( $wpdb->prepare("SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = %d AND public = '1' AND archived = '0' AND mature = '0' AND spam = '0' AND deleted = '0' AND last_updated != '0000-00-00 00:00:00' ORDER BY last_updated DESC limit %d, %d", $wpdb->siteid, $start, $quantity ) , ARRAY_A ); + $sql = $wpdb->prepare( + "SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = %d AND public = %s AND archived = %s AND mature = %s AND spam = %s AND deleted = %s AND last_updated != '0000-00-00 00:00:00' ORDER BY last_updated DESC limit %d, %d", + $wpdb->siteid, + WP_STATUS_ON, + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF, + $start, + $quantity + ); + return $wpdb->get_results( $sql, ARRAY_A ); } /** Index: src/wp-includes/ms-deprecated.php =================================================================== --- src/wp-includes/ms-deprecated.php (revision 28747) +++ src/wp-includes/ms-deprecated.php (working copy) @@ -164,7 +164,16 @@ _deprecated_function( __FUNCTION__, '3.0', 'wp_get_sites()' ); global $wpdb; - $blogs = $wpdb->get_results( $wpdb->prepare("SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = %d AND public = '1' AND archived = '0' AND mature = '0' AND spam = '0' AND deleted = '0' ORDER BY registered DESC", $wpdb->siteid), ARRAY_A ); + $sql = $wpdb->prepare( + "SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = %d AND public = %s AND archived = %s AND mature = %s AND spam = %s AND deleted = %s ORDER BY registered DESC", + $wpdb->siteid, + WP_STATUS_ON, + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF + ); + $blogs = $wpdb->get_results( $sql, ARRAY_A ); foreach ( (array) $blogs as $details ) { $blog_list[ $details['blog_id'] ] = $details; Index: src/wp-includes/ms-files.php =================================================================== --- src/wp-includes/ms-files.php (revision 28747) +++ src/wp-includes/ms-files.php (working copy) @@ -18,7 +18,9 @@ error_reporting( 0 ); -if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_blog->deleted == '1' ) { +if ( $current_blog->archived == WP_STATUS_ON + || $current_blog->spam == WP_STATUS_ON + || $current_blog->deleted == WP_STATUS_ON ) { status_header( 404 ); die( '404 — File not found.' ); } Index: src/wp-includes/ms-functions.php =================================================================== --- src/wp-includes/ms-functions.php (revision 28747) +++ src/wp-includes/ms-functions.php (working copy) @@ -2254,7 +2254,14 @@ function wp_update_network_site_counts() { global $wpdb; - $count = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(blog_id) as c FROM $wpdb->blogs WHERE site_id = %d AND spam = '0' AND deleted = '0' and archived = '0'", $wpdb->siteid) ); + $sql = $wpdb->prepare( + "SELECT COUNT(blog_id) as c FROM $wpdb->blogs WHERE site_id = %d AND spam = %s AND deleted = %s and archived = %s", + $wpdb->siteid, + WP_STATUS_OFF, + WP_STATUS_OFF, + WP_STATUS_OFF + ); + $count = $wpdb->get_var( $sql ); update_site_option( 'blog_count', $count ); } @@ -2266,7 +2273,12 @@ function wp_update_network_user_counts() { global $wpdb; - $count = $wpdb->get_var( "SELECT COUNT(ID) as c FROM $wpdb->users WHERE spam = '0' AND deleted = '0'" ); + $sql = $wpdb->prepare( + "SELECT COUNT(ID) as c FROM $wpdb->users WHERE spam = %s AND deleted = %s", + WP_STATUS_OFF, + WP_STATUS_OFF + ); + $count = $wpdb->get_var( $sql ); update_site_option( 'user_count', $count ); } Index: src/wp-includes/ms-load.php =================================================================== --- src/wp-includes/ms-load.php (revision 28747) +++ src/wp-includes/ms-load.php (working copy) @@ -88,7 +88,7 @@ if ( is_super_admin() ) return true; - if ( '1' == $blog->deleted ) { + if ( WP_STATUS_ON == $blog->deleted ) { if ( file_exists( WP_CONTENT_DIR . '/blog-deleted.php' ) ) return WP_CONTENT_DIR . '/blog-deleted.php'; else @@ -102,7 +102,7 @@ wp_die( sprintf( __( 'This site has not been activated yet. If you are having problems activating your site, please contact %1$s.' ), str_replace( '@', ' AT ', get_site_option( 'admin_email', 'support@' . get_current_site()->domain ) ) ) ); } - if ( $blog->archived == '1' || $blog->spam == '1' ) { + if ( $blog->archived == WP_STATUS_ON || $blog->spam == WP_STATUS_ON ) { if ( file_exists( WP_CONTENT_DIR . '/blog-suspended.php' ) ) return WP_CONTENT_DIR . '/blog-suspended.php'; else Index: src/wp-includes/pluggable.php =================================================================== --- src/wp-includes/pluggable.php (revision 28747) +++ src/wp-includes/pluggable.php (working copy) @@ -1478,7 +1478,8 @@ } $comment_author_domain = @gethostbyaddr($comment->comment_author_IP); - $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); + $sql = $wpdb->prepare( "SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = %s", WP_STATUS_OFF ); + $comments_waiting = $wpdb->get_var( $sql ); // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. Index: src/wp-includes/post.php =================================================================== --- src/wp-includes/post.php (revision 28747) +++ src/wp-includes/post.php (working copy) @@ -2748,8 +2748,9 @@ foreach ( $group_by_status as $status => $comments ) { // Sanity check. This shouldn't happen. - if ( 'post-trashed' == $status ) - $status = '0'; + if ( 'post-trashed' == $status ) { + $status = WP_STATUS_OFF; + } $comments_in = implode( "', '", $comments ); $wpdb->query( "UPDATE $wpdb->comments SET comment_approved = '$status' WHERE comment_ID IN ('" . $comments_in . "')" ); } @@ -5646,8 +5647,8 @@ return; if ( get_option('default_pingback_flag') ) - add_post_meta( $post_id, '_pingme', '1' ); - add_post_meta( $post_id, '_encloseme', '1' ); + add_post_meta( $post_id, '_pingme', WP_STATUS_ON ); + add_post_meta( $post_id, '_encloseme', WP_STATUS_ON ); wp_schedule_single_event(time(), 'do_pings'); } Index: src/wp-signup.php =================================================================== --- src/wp-signup.php (revision 28747) +++ src/wp-signup.php (working copy) @@ -127,11 +127,11 @@