Make WordPress Core

Opened 17 years ago

Closed 17 years ago

Last modified 15 years ago

#3861 closed task (blessed) (fixed)

need a standardized way to include private posts in queries

Reported by: molecularbear's profile molecularbear Owned by: rob1n's profile rob1n
Milestone: 2.2 Priority: normal
Severity: normal Version: 2.1.1
Component: General Keywords: has-patch commit
Focuses: Cc:


The codebase is currently littered with ad hoc queries that perform various selections on wp_posts. This makes the code very difficult to maintain - case in point is the inclusion of "post_status = 'private'" when appropriate. The idea is that a user who has 'read_private_posts' should always see private posts; such a user should also see stats (i.e. post count) that include private posts. To make this possible, one would need to modify quite a few queries scattererd about the code.

While the ideal solution is to do a massive code cleanup, centralizing all the queries in a few classes, I have a less tedious solution. Attached is a patch to wp-includes/post.php that adds a single function: wp_get_pub_and_priv_sql($post_type). I'll let the comment block do the describing:

 * This function provides a standardized way to appropriately select on
 * the post_status of posts/pages. The function will return a piece of
 * SQL code that can be added to a WHERE clause; this SQL is constructed
 * to allow all published posts, and all private posts to which the user
 * has access.
 * @param string $post_type currently only supports 'post' or 'page'.
 * @return string SQL code that can be added to a where clause.

Instead of dropping in a bunch of code to every query that needs it, one would do something like:

$query = "SELECT * FROM wp_posts WHERE <conds> AND " . wp_get_pub_and_priv_sql('post');

This makes the code easier to write, takes some of the public-vs-private burden off of the programmer, and most importantly, centralizes the logic.

Attachments (2)

post.patch (1.1 KB) - added by molecularbear 17 years ago.
Changed function name from wp_get_pub_and_priv_sql to wp_get_pub_priv_sql
3861.diff (1.6 KB) - added by rob1n 17 years ago.

Download all attachments as: .zip

Change History (10)

#1 @rob1n
17 years ago

  • Keywords has-patch added
  • Milestone changed from 2.1.2 to 2.2

17 years ago

Changed function name from wp_get_pub_and_priv_sql to wp_get_pub_priv_sql

#2 @markjaquith
17 years ago

  • Keywords 2nd-opinion added
  • Owner changed from anonymous to ryan

Ryan, your ball. I like the idea of consolidating the logic.

#4 @foolswisdom
17 years ago

  • Keywords 2nd-opinion removed

#5 @rob1n
17 years ago

I don't really like the function name. The name doesn't really mean anything unless you know what it does already, and it's a bit long. But I can't think of anything better :\.

#6 @rob1n
17 years ago

  • Keywords commit added
  • Owner changed from ryan to rob1n

Thinking about it a bit more, I think the current function name is good.


17 years ago

#7 @rob1n
17 years ago

Rewrote the function and added support for filters so plugins can use wp_get_pub_priv_sql() too for their own post types.

#8 @rob1n
17 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [5189]) Add a function to unify private posts SQL based on capabilities -- get_private_posts_cap_sql().

Usage: get_private_posts_cap_sql($type), where $type is either 'post' or 'page'.

Props molecularbear. fixes #3861

Note: See TracTickets for help on using tickets.