#35601 closed feature request (fixed)
WP_Query: comment_status and ping_status
Reported by: | birgire | Owned by: | boonebgorges |
---|---|---|---|
Milestone: | 4.5 | Priority: | normal |
Severity: | normal | Version: | 4.4 |
Component: | Query | Keywords: | needs-unit-tests good-first-bug |
Focuses: | Cc: |
Description
The post_status
parameter is supported by WP_Query
, but comment_status
and ping_status
are not supported.
It's possible to use the posts_where
filter to modify a query for a specific comment status or ping status, but I wonder why such basic post properties aren't directly filterable in WP_Query
.
Example:
$query = new WP_Query( [ 'comment_status' => 'closed' ] );
$query = new WP_Query( [ 'ping_status' => 'open' ] );
Attachments (2)
Change History (8)
#2
@
9 years ago
- Keywords needs-patch needs-unit-tests good-first-bug added
- Milestone changed from Awaiting Review to Future Release
Sure, this is reasonable.
#3
@
9 years ago
In the wp-admin we can e.g. modify the comment/ping status for each post, through the following checkboxes:
[x] Allow comments.
[x] Allow trackbacks and pingbacks on this page.
These values are saved as 'open'
or 'closed'
into the comment_status
, ping_status
table fields.
I attached the 35601.diff patch as a starting point.
It's assumes there are only 'open'
and 'closed'
values for comment_status
and ping_status
.
So the next question that comes to mind, is what would we want to allow as possible parameter values:
- only allow these two values
'open'
and'closed'
?
- or allow custom values?
- force lowercase?
- force a #char limit? The fields are both
varchar(20)
so for custom values, there would be no point in searching for strings longer than that. - what kind of sanitazion would we want:
sanitize_key()
,sanitize_title_for_query()
, ... ?
#4
@
9 years ago
- Keywords needs-patch removed
- Milestone changed from Future Release to 4.5
- Owner set to boonebgorges
- Status changed from new to assigned
Thanks for the patch, @birgire. There's nothing preventing people from storing custom comment_status and ping_status in the database, and there's no reason I can think of why we need to prevent querying by custom values. The only exception would be if we had some "magic" values - kinda like how post_type=all
gets translated under the hood to all publicly queryable post types.
The only kind of sanitization necessary here is against SQL injection, which is handled by $wpdb->prepare()
.
#6
@
9 years ago
Great and thanks for the unit-test @boonebgorges.
I guess I was too paranoid regarding allowed searchable values ;-)
If we don't want to restrict the possible custom values, other than preparing it, I wonder if we should allow 0
and the empty string ''
as well and change:
if( ! empty( $q['comment_status' ] ) )
to
if( isset( $q['comment_status'] ) )
since empty()
treats 0
as empty. And similarly for the ping status.
I also removed the extra trailing space after %s
, that I had added previously.
I added 35601-2.diff for these updates.
This spreads from this question (http://wordpress.stackexchange.com/q/214323/31545) asked on wordpress.stackexchange.com, so there is a definite need for the intended features.
Can we implement this in a future release?