/** * Create an array to store the which records by visibility the user can edit. * This is done to prevent deleting any records the user isn't permitted view. * * @access private * @since 8.2.6 * * @global $wpdb * * @uses cnEntry_DB::sanitizeID() * @uses wpdb::query() * * @param string $table The table from which to delete the rows from. * @param array $data An array of unique ID/s to delete from the defined table. */ private function upsertDelete($table, $data) { /** @var wpdb $wpdb */ global $wpdb; $permitted = array(); $where = array('WHERE 1=1'); $where[] = 'AND `entry_id` = "' . $this->id . '"'; if (current_user_can('connections_view_public')) { $permitted[] = 'public'; } if (current_user_can('connections_view_private')) { $permitted[] = 'private'; } if (current_user_can('connections_view_unlisted')) { $permitted[] = 'unlisted'; } if (!empty($permitted)) { $where[] = 'AND `visibility` IN (\'' . implode('\', \'', $permitted) . '\')'; } $id = cnSanitize::id($data); if (!empty($id)) { $where[] = 'AND `id` NOT IN ( ' . implode(', ', $id) . ' )'; } $wpdb->query("DELETE FROM `{$table}` " . implode(' ', $where)); }