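/**
 * Echoes, as JSON, up to 100 users whose user_nicename contains the search text.
 *
 * Each row carries user_nicename as "label" and user_email as "value", so the
 * response exposes e-mail addresses; access is gated on CRED_CAPABILITY.
 *
 * @param mixed $get  Not used by this method.
 * @param array $post Request data; the search text is read from $post['user'].
 */
public function suggestUserMail($get, $post)
{
    if (!current_user_can(CRED_CAPABILITY)) {
        wp_die();
    }
    global $wpdb;

    // A missing or non-string search value is treated as an empty search.
    $needle = (isset($post['user']) && is_string($post['user'])) ? $post['user'] : '';

    //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/187413931/comments
    // cred_wrap_esc_like() is defined elsewhere and is assumed to escape LIKE
    // wildcards only; quoting is left to prepare() so the value is bound as a
    // parameter instead of being interpolated into the SQL text.
    $like = '%' . cred_wrap_esc_like($needle) . '%';

    $sql = $wpdb->prepare(
        "SELECT user_nicename AS label, user_email AS value FROM {$wpdb->users} WHERE user_nicename LIKE %s ORDER BY user_email,user_nicename LIMIT 0, 100",
        $like
    );
    $results = $wpdb->get_results($sql);

    echo json_encode($results);
}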
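/**
 * Finds published or private posts whose title contains the given text.
 *
 * Posts of type view, view-template, attachment, revision and
 * CRED_FORMS_CUSTOM_POST_NAME are always excluded.
 *
 * @param string      $text      Text to look for inside post_title.
 * @param string|null $post_type Optional post type to restrict the search to.
 * @param int         $limit     Maximum number of rows; values <= 0 disable the LIMIT clause.
 *
 * @return mixed Whatever $this->wpdb->get_results() returns (rows with ID and post_title).
 */
public function suggestPostsByTitle($text, $post_type = null, $limit = 20)
{
    //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/187413931/comments
    // cred_wrap_esc_like() is defined elsewhere and is assumed to escape LIKE
    // wildcards only; every variable value is bound through prepare() so no
    // caller-supplied text reaches the SQL string directly.
    $args = array(
        '%' . cred_wrap_esc_like($text) . '%',
        CRED_FORMS_CUSTOM_POST_NAME,
    );

    $sql = "SELECT ID, post_title FROM {$this->wpdb->posts}"
        . " WHERE post_title LIKE %s"
        . " AND post_status IN ('publish','private')"
        . " AND post_type NOT IN ('view','view-template','attachment','revision',%s)";

    if ($post_type !== null) {
        // Unquoted placeholder: prepare() adds the quoting itself.
        $sql .= ' AND post_type = %s';
        $args[] = $post_type;
    }

    $limit = intval($limit);
    if ($limit > 0) {
        $sql .= ' LIMIT 0, %d';
        $args[] = $limit;
    }

    return $this->wpdb->get_results($this->wpdb->prepare($sql, $args));
}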
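/**
 * wpt_suggest_taxonomy_term
 *
 * Renders the suggestions when adding new flat taxonomy terms on a CRED form
 *
 * Needs a non-empty q attribute and can take an optional non-empty taxonomy attribute on the $_REQUEST
 *
 * Prints up to five matching term names, one per line, then terminates the request.
 * NOTE(review): no capability or nonce check is visible in this method; confirm
 * that the hook registration (not shown here) is meant to be reachable this way.
 *
 * @since 1.5.0
 */
public function wpt_suggest_taxonomy_term()
{
    if (!isset($_REQUEST['q']) || !is_string($_REQUEST['q']) || $_REQUEST['q'] == '') {
        die;
    }
    global $wpdb;

    // WordPress adds slashes to request superglobals; remove them before the
    // value is escaped again by prepare(), otherwise quotes never match.
    $search = wp_unslash($_REQUEST['q']);

    // Pick whichever LIKE-escaping helper is loaded; fall back to the wpdb
    // method so $term_name is always defined.
    if (function_exists("wpv_esc_like")) {
        $term_name = '%' . wpv_esc_like($search) . '%';
    } elseif (function_exists("cred_wrap_esc_like")) {
        $term_name = '%' . cred_wrap_esc_like($search) . '%';
    } else {
        $term_name = '%' . $wpdb->esc_like($search) . '%';
    }
    $values_to_prepare = array($term_name);

    $tax_join = "";
    $tax_where = "";
    if (isset($_REQUEST['taxonomy']) && is_string($_REQUEST['taxonomy']) && $_REQUEST['taxonomy'] != '') {
        $tax_join = " JOIN {$wpdb->term_taxonomy} tt ON t.term_id = tt.term_id ";
        // The taxonomy name is bound as a parameter, never placed in the SQL text.
        $tax_where = " AND tt.taxonomy = %s ";
        $values_to_prepare[] = wp_unslash($_REQUEST['taxonomy']);
    }

    $results = $wpdb->get_results($wpdb->prepare("SELECT name FROM {$wpdb->terms} t {$tax_join}
				WHERE t.name LIKE %s 
				{$tax_where}
				ORDER BY name DESC 
				LIMIT 5", $values_to_prepare));

    foreach ($results as $row) {
        echo $row->name . "\n";
    }
    die;
}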
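/**
 * wpt_suggest_taxonomy_term
 *
 * Renders the suggestions when adding new flat taxonomy terms on a CRED form
 *
 * Needs a non-empty q attribute and can take an optional non-empty taxonomy attribute on the $_REQUEST
 *
 * When the global $sitepress is set and a taxonomy is given, results are
 * further restricted to terms listed in icl_translations for the requested
 * language ($_GET['lang'], else $_GET['source_lang'], else the current language).
 * Prints up to five matching term names, one per line, then terminates the request.
 * NOTE(review): no capability or nonce check is visible in this method; confirm
 * that the hook registration (not shown here) is meant to be reachable this way.
 *
 * @since 1.5.0
 */
public function wpt_suggest_taxonomy_term()
{
    if (!isset($_REQUEST['q']) || !is_string($_REQUEST['q']) || $_REQUEST['q'] == '') {
        die;
    }
    global $wpdb;

    // WordPress adds slashes to request superglobals; remove them before the
    // value is escaped again by prepare(), otherwise quotes never match.
    $search = wp_unslash($_REQUEST['q']);

    // Pick whichever LIKE-escaping helper is loaded; fall back to the wpdb
    // method so $term_name is always defined.
    if (function_exists("wpv_esc_like")) {
        $term_name = '%' . wpv_esc_like($search) . '%';
    } elseif (function_exists("cred_wrap_esc_like")) {
        $term_name = '%' . cred_wrap_esc_like($search) . '%';
    } else {
        $term_name = '%' . $wpdb->esc_like($search) . '%';
    }
    // Order matters: values are consumed in the order the placeholders appear
    // in the final query (LIKE first, then everything inside $tax_where).
    $values_to_prepare = array($term_name);

    $tax_join = "";
    $tax_where = "";
    if (isset($_REQUEST['taxonomy']) && is_string($_REQUEST['taxonomy']) && $_REQUEST['taxonomy'] != '') {
        $taxonomy = wp_unslash($_REQUEST['taxonomy']);

        $tax_join = " JOIN {$wpdb->term_taxonomy} tt ON t.term_id = tt.term_id ";
        $tax_where = " AND tt.taxonomy = %s ";
        $values_to_prepare[] = $taxonomy;

        global $sitepress;
        if (isset($sitepress)) {
            if (isset($_GET['source_lang']) && is_string($_GET['source_lang'])) {
                $src_lang = sanitize_text_field(wp_unslash($_GET['source_lang']));
            } else {
                $src_lang = $sitepress->get_current_language();
            }
            if (isset($_GET['lang']) && is_string($_GET['lang'])) {
                $lang = sanitize_text_field(wp_unslash($_GET['lang']));
            } else {
                $lang = $src_lang;
            }

            // Both the element type and the language code come from the
            // request, so they are bound as parameters rather than being
            // interpolated into the subquery text.
            $tax_where .= " AND t.term_id in (SELECT element_id from {$wpdb->prefix}icl_translations WHERE element_type = %s AND language_code = %s ) ";
            $values_to_prepare[] = 'tax_' . $taxonomy;
            $values_to_prepare[] = $lang;
        }
    }

    $results = $wpdb->get_results($wpdb->prepare("SELECT name FROM {$wpdb->terms} t {$tax_join}
				WHERE t.name LIKE %s 
				{$tax_where}
				ORDER BY name DESC 
				LIMIT 5", $values_to_prepare));

    foreach ($results as $row) {
        echo $row->name . "\n";
    }
    die;
}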
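/**
 * Returns the users whose "{prefix}capabilities" user meta mentions any of the given roles.
 *
 * A role matches when the meta value contains the role name wrapped in double
 * quotes, which is how the name appears in the stored capabilities value.
 *
 * @param array|string $roles Role names, as an array or a comma-separated string.
 *
 * @return mixed Rows with ID, display_name and user_email ordered by display_name
 *               (whatever $wpdb->get_results() returns); an empty array when no
 *               usable role name is given.
 */
public static function getUsersByRole($roles)
{
    global $wpdb;

    if (!is_array($roles)) {
        // array_map, not array_walk($roles, 'trim'): array_walk discards the
        // callback's return value, so the pieces were never actually trimmed.
        $roles = array_map('trim', explode(",", $roles));
    }

    // Drop empty names (e.g. from a trailing comma); with nothing left the
    // query would contain an empty "AND ( )" group, so stop early instead.
    $roles = array_filter($roles, function ($role) {
        return $role !== '' && $role !== null;
    });
    if (count($roles) === 0) {
        return array();
    }

    // cred_wrap_esc_like() is defined elsewhere and is assumed to escape LIKE
    // wildcards only, so each role is bound through prepare() rather than
    // concatenated between quotes in the SQL string.
    $conditions = array();
    $values = array($wpdb->prefix . 'capabilities');
    foreach ($roles as $role) {
        $conditions[] = 'um.meta_value LIKE %s';
        $values[] = '%"' . cred_wrap_esc_like($role) . '"%';
    }

    $sql = ' SELECT u.ID, u.display_name, u.user_email'
        . ' FROM ' . $wpdb->users . ' AS u'
        . ' INNER JOIN ' . $wpdb->usermeta . ' AS um ON u.ID = um.user_id'
        . ' WHERE um.meta_key = %s'
        . ' AND ( ' . implode(' OR ', $conditions) . ' ) '
        . ' ORDER BY u.display_name ';

    return $wpdb->get_results($wpdb->prepare($sql, $values));
}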
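/**
 * AJAX handler: prints the names of terms in a taxonomy that contain the typed text.
 *
 * Reads $_GET['tax'] (taxonomy), $_GET['q'] (typed text; only the part after
 * the last tag delimiter is searched, and it must be at least 2 characters)
 * and $_GET['post_id']. When the global $sitepress is set and the post's
 * language can be resolved, results are limited to terms recorded in
 * icl_translations for that language. Output is one name per line, followed
 * by wp_die().
 */
public static function cred_ajax_tag_search()
{
    global $wpdb, $sitepress;

    if (isset($_GET['tax'])) {
        $taxonomy = sanitize_key($_GET['tax']);
        $tax = get_taxonomy($taxonomy);
        if (!$tax) {
            wp_die(0);
        }
        // NOTE(review): the capability check below was left disabled by the
        // original author ("possible issue here, anyway bypass for now"), so
        // this handler performs no authorization of its own. Decide whether
        // it should be restored for the contexts where this hook is registered.
        /*
          if ( ! current_user_can( $tax->cap->assign_terms ) )
          wp_die( -1);
         */
    } else {
        wp_die(0);
    }

    // A missing or non-string q is handled as an empty search and rejected below.
    $s = (isset($_GET['q']) && is_string($_GET['q'])) ? stripslashes($_GET['q']) : '';

    // Normalise a localised tag delimiter to a plain comma, then keep only the
    // last (currently typed) tag.
    $comma = _x(',', 'tag delimiter');
    if (',' !== $comma) {
        $s = str_replace($comma, ',', $s);
    }
    if (false !== strpos($s, ',')) {
        $s = explode(',', $s);
        $s = $s[count($s) - 1];
    }
    $s = trim($s);
    if (strlen($s) < 2) {
        wp_die(); // require 2 chars for matching
    }

    $like = '%' . cred_wrap_esc_like($s) . '%';

    // intval() always yields a set variable, so test the value itself rather
    // than isset(): 0 means no usable post id was supplied.
    $post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0;

    $lang = null;
    if (isset($sitepress) && $post_id > 0) {
        $post_type = get_post_type($post_id);
        $post_language = $sitepress->get_element_language_details($post_id, 'post_' . $post_type);
        // Guard against a lookup that returns no language record.
        if (is_object($post_language) && isset($post_language->language_code)) {
            $lang = $post_language->language_code;
        }
    }

    if ($lang !== null) {
        //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/187413931/comments
        $results = $wpdb->get_col($wpdb->prepare("SELECT t.name FROM {$wpdb->term_taxonomy} AS tt INNER JOIN {$wpdb->terms} AS t ON tt.term_id = t.term_id JOIN {$wpdb->prefix}icl_translations tr ON tt.term_taxonomy_id = tr.element_id WHERE tt.taxonomy = %s AND tr.language_code = %s AND tr.element_type = %s AND t.name LIKE (%s)", $taxonomy, $lang, 'tax_' . $taxonomy, $like));
    } else {
        //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/187413931/comments
        $results = $wpdb->get_col($wpdb->prepare("SELECT t.name FROM {$wpdb->term_taxonomy} AS tt INNER JOIN {$wpdb->terms} AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.name LIKE (%s)", $taxonomy, $like));
    }

    // implode(separator, array): the reversed join($array, $glue) order is
    // rejected by PHP 8.
    echo implode("\n", $results);
    wp_die();
}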