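/**
 * Look up the WordPress users that are @mentioned in a piece of content.
 *
 * A mention is "@" followed by word characters, at the start of the content or
 * right after whitespace or a dot. Each captured name is normalised with
 * sanitize_user() (strict) and sanitize_title_for_query(), and the resulting
 * set is resolved with a single query against the users table.
 *
 * @param string $content Text to scan; treated as untrusted input.
 * @return array|false Rows holding `id` and `user_login` (taken from the
 *                     'ap_user_ids' cache group when present), or false when
 *                     the content holds no usable mention.
 */
function ap_find_mentioned_users($content)
{
    global $wpdb;

    // Find all mentions in content. Index 1 is the captured name only; index 0
    // would also carry the leading whitespace/dot and the "@" sign.
    if (!preg_match_all('/(?:[\\s.]|^)@(\\w+)/', $content, $matches) || empty($matches[1])) {
        return false;
    }

    $user_logins = array();
    foreach ($matches[1] as $user_login) {
        $user_login = sanitize_title_for_query(sanitize_user(wp_unslash($user_login), true));
        if ('' !== $user_login) {
            // Keyed by value: names that only collide after sanitising are de-duplicated too.
            $user_logins[$user_login] = $user_login;
        }
    }
    $user_logins = array_values($user_logins);

    if (0 === count($user_logins)) {
        return false;
    }

    // The cache key is derived from the quoted, comma-separated login list.
    $key = md5("'" . implode("','", $user_logins) . "'");
    $cache = wp_cache_get($key, 'ap_user_ids');
    if (false !== $cache) {
        return $cache;
    }

    // One %s placeholder per login. The values are bound by wpdb::prepare()
    // instead of being spliced into the SQL text, so the query stays safe even
    // if the sanitising chain above is ever changed or removed.
    $placeholders = implode(',', array_fill(0, count($user_logins), '%s'));
    $query = $wpdb->prepare(
        "SELECT id, user_login FROM {$wpdb->users} WHERE user_login IN ({$placeholders})",
        $user_logins
    );
    $result = $wpdb->get_results($query);
    wp_cache_set($key, $result, 'ap_user_ids');

    return $result;
}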
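/**
 * Retrieve a download by a given field.
 *
 * @since 2.0
 * @param string $field The field to look the download up by: 'id', 'slug',
 *                      'name' or 'sku' (matched case-insensitively).
 * @param mixed  $value The value to match for that field.
 * @return mixed The matching post object, or false when an argument is empty,
 *               the field is not supported, or nothing matches.
 */
function edd_get_download_by($field = '', $value = '')
{
    if (empty($field) || empty($value)) {
        return false;
    }

    switch (strtolower($field)) {
        case 'id':
            $download = get_post($value);
            // Whatever ID was passed in, only a post of the 'download' type is handed back.
            if (get_post_type($download) != 'download') {
                return false;
            }
            break;

        case 'slug':
        case 'name':
            // get_posts() runs a secondary query. query_posts() would replace
            // the global main query as a side effect of a simple lookup.
            // 'suppress_filters' => false keeps query filters running.
            $download = get_posts(array(
                'post_type' => 'download',
                'name' => sanitize_title_for_query($value),
                'posts_per_page' => 1,
                'post_status' => 'any',
                'suppress_filters' => false,
            ));
            if ($download) {
                $download = $download[0];
            }
            break;

        case 'sku':
            // $value is handed over as a query argument, not concatenated into SQL here.
            $download = get_posts(array(
                'post_type' => 'download',
                'meta_key' => 'edd_sku',
                'meta_value' => $value,
                'posts_per_page' => 1,
                'post_status' => 'any',
                'suppress_filters' => false,
            ));
            if ($download) {
                $download = $download[0];
            }
            break;

        default:
            return false;
    }

    // An empty result set (or a falsy post) is reported as false.
    return $download ? $download : false;
}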
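/**
 * Restrict search results to one forum when a forum ID was submitted.
 *
 * Reads the `bbp_search_forum_id` query-string parameter and, when it is a
 * positive integer, adds a meta query on `_bbp_forum_id` to the arguments.
 *
 * @param array $r Query arguments for the search.
 * @return array The arguments, unchanged unless a valid forum ID was submitted.
 */
function my_bbp_filter_search_results($r)
{
    // Get the submitted forum ID (from the hidden field added in step 2).
    $submitted = isset($_GET['bbp_search_forum_id']) ? $_GET['bbp_search_forum_id'] : false;

    // A request such as ?bbp_search_forum_id[]=1 arrives as an array. Reject it
    // before any string function sees it.
    if (!is_string($submitted) && !is_int($submitted)) {
        return $r;
    }
    $forum_id = trim((string) $submitted);

    // The ID is validated as a plain positive integer. A slug sanitiser is not
    // an integer check, and is_numeric() also accepts forms such as "1e3".
    if (preg_match('/^[0-9]+$/D', $forum_id) && (int) $forum_id > 0) {
        $r['meta_query'] = array(
            array(
                'key' => '_bbp_forum_id',
                'value' => $forum_id,
                'compare' => '=',
            ),
        );
    }

    return $r;
}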
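/**
 * Store an HTML template file as the content of its template post.
 *
 * The post is looked up by the slug form of the template name and saved as a
 * draft with the file's contents.
 *
 * @param array $html_template Template definition; the 'name' and 'path' keys are read.
 * @return void
 */
function sendpress_register_template($html_template = array())
{
    // Both keys are required; without them there is nothing to look up or read.
    if (!is_array($html_template) || empty($html_template['name']) || empty($html_template['path'])) {
        return;
    }

    // 'path' is read from disk as given. Presumably it is set by the code that
    // registers templates and never taken from request data; verify against
    // callers. Only an existing, readable local file is accepted, so a URL or
    // a missing file no longer ends up as `false` in post_content.
    $path = $html_template['path'];
    if (!is_string($path) || !is_file($path) || !is_readable($path)) {
        return;
    }

    $content = file_get_contents($path);
    if (false === $content) {
        return;
    }

    $id = SendPress_Data::get_html_template_id_by_slug(sanitize_title_for_query($html_template['name']));

    // Update the post into the database.
    wp_update_post(array(
        'ID' => $id,
        'post_content' => $content,
        'post_title' => $html_template['name'],
        'post_status' => 'draft',
    ));
}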
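/**
 * Redirects slugs with old separator to new permalinks.
 *
 * When the requested post name contains SLUG_SEPARATOR_OLD, the name is
 * rewritten with SLUG_SEPARATOR_NEW and, if a published post with that slug
 * exists, the request is answered with a 301 to its permalink.
 *
 * @param object $query The query object; only `query_vars['name']` is read.
 * @return void
 * @since 1.0
 */
function terrific_pre_get_posts($query)
{
    global $wpdb;

    // Queries without a post name (archives, searches, ...) have nothing to redirect.
    if (!isset($query->query_vars['name']) || !is_string($query->query_vars['name'])) {
        return;
    }
    $name = $query->query_vars['name'];

    // strpos() > 0: a slug that *starts* with the old separator is left alone.
    if (strpos($name, SLUG_SEPARATOR_OLD) > 0) {
        $name = sanitize_title_for_query($name);
        $new_name = str_replace(SLUG_SEPARATOR_OLD, SLUG_SEPARATOR_NEW, $name);

        // The slug is bound as a %s value rather than concatenated into the SQL
        // text. It comes from the request URL and is modified again after it
        // was sanitised, so the query must not depend on it being quote-free.
        $sql = $wpdb->prepare(
            "SELECT ID, post_title, post_name
            FROM {$wpdb->posts}
            WHERE post_name = %s
                AND post_status = 'publish'
                AND post_type = 'post'
            LIMIT 1",
            $new_name
        );

        // get_results() can yield a non-array on failure; treat that as "no match".
        foreach ((array) $wpdb->get_results($sql) as $post) {
            $permalink = get_permalink($post->ID);
            header('HTTP/1.1 301 Moved Permanently');
            header('Location: ' . $permalink);
            exit;
        }
        wp_reset_query();
    }
}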
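/**
 * Count the comments stored under a given author e-mail address.
 *
 * @param string           $email        Comment author e-mail, matched exactly.
 * @param int|string|false $post_id      Optional. Limit the count to this post ID.
 * @param string|false     $comment_type Optional. Limit the count to this comment type.
 * @return mixed 0 when no e-mail is given; otherwise whatever $wpdb->get_var()
 *               returns for the COUNT(comment_ID) query.
 */
static function count_comment_by_email($email, $post_id = false, $comment_type = false)
{
    if (!$email) {
        return 0;
    }

    global $wpdb;

    // Every caller-supplied value is bound through wpdb::prepare(). The e-mail
    // in particular is free text, so it must never be concatenated into the
    // statement. NOTE(review): prepare() expects raw (unslashed) values;
    // confirm callers do not pass pre-slashed request data.
    $query = 'SELECT COUNT(comment_ID) FROM ' . $wpdb->comments . ' WHERE comment_author_email = %s';
    $values = array($email);

    if ($post_id) {
        // A post ID is an integer: bind it as %d instead of running it through a slug sanitiser.
        $query .= ' AND comment_post_ID = %d';
        $values[] = (int) $post_id;
    }

    if ($comment_type) {
        $query .= ' AND comment_type = %s';
        $values[] = sanitize_title_for_query($comment_type);
    }

    return $wpdb->get_var($wpdb->prepare($query, $values));
}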
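/**
 * Remove subscriber for question or term.
 *
 * Deletes the rows of the subscribers table that match the item and, when
 * given, the user and the activity. Fires 'ap_removed_subscriber' afterwards.
 *
 * @param integer         $item_id  Question ID or Term ID.
 * @param integer|boolean $user_id  WP user ID; false to match every user.
 * @param string|boolean  $activity Any sub ID; false to match every activity.
 * @param boolean|integer $sub_id   @deprecated Type of subscriber, empty string for question.
 * @return boolean|integer Value returned by $wpdb->delete(), or false when it fails.
 */
function ap_remove_subscriber($item_id, $user_id = false, $activity = false, $sub_id = false)
{
    if (false !== $sub_id) {
        _deprecated_argument(__FUNCTION__, '3.0', '$sub_id argument deprecated since 2.4');
    }

    global $wpdb;

    // Conditions and formats are built in lockstep. wpdb::delete() applies the
    // format list by position, so a fixed ('%d', '%d', '%s') list would format
    // the activity string as an integer whenever $user_id is omitted, and the
    // delete would then match on activity = 0 instead of the requested one.
    $cols = array('item_id' => (int) $item_id);
    $formats = array('%d');

    if (false !== $user_id) {
        $cols['user_id'] = (int) $user_id;
        $formats[] = '%d';
    }

    if (false !== $activity) {
        $cols['activity'] = sanitize_title_for_query($activity);
        $formats[] = '%s';
    }

    $row = $wpdb->delete($wpdb->ap_subscribers, $cols, $formats);

    if (false === $row) {
        return false;
    }

    do_action('ap_removed_subscriber', $user_id, $item_id, $activity);

    return $row;
}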
/**
 * Turn author filters found in the admin search string into query vars.
 *
 * Acts only on the main query of the question and answer list screens. Author
 * IDs are cast to integers and set as `author`; author names are passed
 * through sanitize_title_for_query() and set as `ap_author_name`. The
 * remaining search text is written back to `s`.
 *
 * @param object $query WP_Query object.
 */
public function serach_qa_by_userid($query)
{
    $screen = get_current_screen();

    // Nothing to do without a search term or without a known screen.
    if (!isset($query->query_vars['s'], $screen->id, $screen->post_type)) {
        return;
    }

    $on_question_list = 'edit-question' == $screen->id && 'question' == $screen->post_type;
    $on_answer_list = 'edit-answer' == $screen->id && 'answer' == $screen->post_type;
    if (!$on_question_list && !$on_answer_list) {
        return;
    }

    if (!$query->is_main_query()) {
        return;
    }

    $parsed = ap_parse_search_string(get_search_query());

    // Set author args.
    if (!empty($parsed['author_id']) && is_array($parsed['author_id'])) {
        // Integer cast on every entry: only digits and commas reach the 'author' var.
        $author_ids = array();
        foreach ($parsed['author_id'] as $raw_id) {
            $author_ids[] = (int) $raw_id;
        }
        set_query_var('author', implode(',', $author_ids));
    } elseif (!empty($parsed['author_name']) && is_array($parsed['author_name'])) {
        $names = array();
        foreach ($parsed['author_name'] as $raw_name) {
            $names[] = sanitize_title_for_query($raw_name);
        }
        set_query_var('ap_author_name', $names);
    }

    set_query_var('s', $parsed['q']);
}
/** * Retrieve the posts based on query variables. * * There are a few filters and actions that can be used to modify the post * database query. * * @since 1.5.0 * @access public * @uses do_action_ref_array() Calls 'pre_get_posts' hook before retrieving posts. * * @todo determine early if the query can be run using ES, otherwise defer to WP_Query * * @return array List of posts. */ public function get_posts() { global $wpdb; /** * In addition to what's below, other fields include: * post_id * post_author * post_author.user_nicename * post_date * post_date.year * post_date.month * post_date.week * post_date.day * post_date.day_of_year * post_date.day_of_week * post_date.hour * post_date.minute * post_date.second * post_date_gmt (plus all the same tokens as post_date) * post_content * post_content.analyzed * post_title * post_title.analyzed * post_excerpt * post_status * ping_status * post_password * post_name * post_modified (plus all the same tokens as post_date) * post_modified_gmt (plus all the same tokens as post_date) * post_parent * menu_order * post_type * post_mime_type * comment_count */ $this->es_map = apply_filters('es_field_map', array('post_meta' => 'post_meta.%s', 'post_meta.analyzed' => 'post_meta.%s.analyzed', 'post_meta.long' => 'post_meta.%s.long', 'post_meta.double' => 'post_meta.%s.double', 'post_meta.binary' => 'post_meta.%s.boolean', 'post_meta.date' => 'post_meta.%s.date', 'post_meta.datetime' => 'post_meta.%s.datetime', 'post_meta.time' => 'post_meta.%s.time', 'post_meta.signed' => 'post_meta.%s.signed', 'post_meta.unsigned' => 'post_meta.%s.unsigned', 'term_id' => 'terms.%s.term_id', 'term_slug' => 'terms.%s.slug', 'term_name' => 'terms.%s.name', 'term_tt_id' => 'terms.%s.term_taxonomy_id', 'category_id' => 'terms.%s.term_id', 'category_slug' => 'terms.%s.slug', 'category_name' => 'terms.%s.name', 'category_tt_id' => 'terms.%s.term_taxonomy_id', 'tag_id' => 'terms.%s.term_id', 'tag_slug' => 'terms.%s.slug', 'tag_name' => 'terms.%s.name', 
'tag_tt_id' => 'terms.%s.term_taxonomy_id')); $this->parse_query(); if (isset($this->query_vars['es'])) { unset($this->query_vars['es']); } do_action_ref_array('pre_get_posts', array(&$this)); do_action_ref_array('es_pre_get_posts', array(&$this)); // Shorthand. $q =& $this->query_vars; // Fill again in case pre_get_posts unset some vars. $q = $this->fill_query_vars($q); // Parse meta query $this->meta_query = new ES_WP_Meta_Query(); $this->meta_query->parse_query_vars($q); // Set a flag if a pre_get_posts hook changed the query vars. $hash = md5(serialize($this->query_vars)); if ($hash != $this->query_vars_hash) { $this->query_vars_changed = true; $this->query_vars_hash = $hash; } unset($hash); // First let's clear some variables $distinct = ''; $whichauthor = ''; $whichmimetype = ''; $where = ''; $limits = ''; $join = ''; $search = ''; $groupby = ''; $post_status_join = false; $page = 1; // ES $filter = array(); $query = array(); $sort = array(); $fields = array(); $from = 0; $size = 10; if (!isset($q['ignore_sticky_posts'])) { $q['ignore_sticky_posts'] = false; } if (!isset($q['suppress_filters'])) { $q['suppress_filters'] = false; } if (!isset($q['cache_results'])) { if (wp_using_ext_object_cache()) { $q['cache_results'] = false; } else { $q['cache_results'] = true; } } if (!isset($q['update_post_term_cache'])) { $q['update_post_term_cache'] = true; } if (!isset($q['update_post_meta_cache'])) { $q['update_post_meta_cache'] = true; } if (!isset($q['post_type'])) { if ($this->is_search) { $q['post_type'] = 'any'; } else { $q['post_type'] = ''; } } $post_type = $q['post_type']; if (!isset($q['posts_per_page']) || $q['posts_per_page'] == 0) { $q['posts_per_page'] = get_option('posts_per_page'); } if (isset($q['showposts']) && $q['showposts']) { $q['showposts'] = (int) $q['showposts']; $q['posts_per_page'] = $q['showposts']; } if (isset($q['posts_per_archive_page']) && $q['posts_per_archive_page'] != 0 && ($this->is_archive || $this->is_search)) { 
$q['posts_per_page'] = $q['posts_per_archive_page']; } if (!isset($q['nopaging'])) { if ($q['posts_per_page'] == -1) { $q['nopaging'] = true; } else { $q['nopaging'] = false; } } if ($this->is_feed) { $q['posts_per_page'] = get_option('posts_per_rss'); $q['nopaging'] = false; } $q['posts_per_page'] = (int) $q['posts_per_page']; if ($q['posts_per_page'] < -1) { $q['posts_per_page'] = abs($q['posts_per_page']); } else { if ($q['posts_per_page'] == 0) { $q['posts_per_page'] = 1; } } if (!isset($q['comments_per_page']) || $q['comments_per_page'] == 0) { $q['comments_per_page'] = get_option('comments_per_page'); } if ($this->is_home && (empty($this->query) || $q['preview'] == 'true') && 'page' == get_option('show_on_front') && get_option('page_on_front')) { $this->is_page = true; $this->is_home = false; $q['page_id'] = get_option('page_on_front'); } if (isset($q['page'])) { $q['page'] = trim($q['page'], '/'); $q['page'] = absint($q['page']); } switch ($q['fields']) { case 'ids': $fields = array($this->es_map('post_id')); break; case 'id=>parent': $fields = array($this->es_map('post_id'), $this->es_map('post_parent')); break; default: if (apply_filters('es_query_use_source', false)) { $fields = array('_source'); } else { $fields = array($this->es_map('post_id')); } } if ('' !== $q['menu_order']) { $filter[] = $this->dsl_terms($this->es_map('menu_order'), $q['menu_order']); } // The "m" parameter is meant for months but accepts datetimes of varying specificity if ($q['m']) { $date = array('year' => substr($q['m'], 0, 4)); $m_len = strlen($q['m']); if ($m_len > 5) { $date['month'] = substr($q['m'], 4, 2); } if ($m_len > 7) { $date['day'] = substr($q['m'], 6, 2); } if ($m_len > 9) { $date['hour'] = substr($q['m'], 8, 2); } if ($m_len > 11) { $date['minute'] = substr($q['m'], 10, 2); } if ($m_len > 13) { $date['second'] = substr($q['m'], 12, 2); // If we have absolute precision, we can use a term filter instead of a range $filter[] = 
$this->dsl_terms($this->es_map('post_date'), ES_WP_Date_Query::build_datetime($date)); } else { // We don't have second-level precision, so we need to build a range query from what we have $date_query = new ES_WP_Date_Query(array('after' => $date, 'before' => $date, 'inclusive' => true)); $date_filter = $date_query->get_dsl($this); if (!empty($date_filter)) { $filter[] = $date_filter; } elseif (false === $date_filter) { // @todo: potentially do this differently; see no_results() for more info return $this->no_results(); } } } unset($date_query, $date_filter, $date, $m_len); // Handle the other individual date parameters $date_parameters = array(); if ('' !== $q['hour']) { $date_parameters['hour'] = $q['hour']; } if ('' !== $q['minute']) { $date_parameters['minute'] = $q['minute']; } if ('' !== $q['second']) { $date_parameters['second'] = $q['second']; } if ($q['year']) { $date_parameters['year'] = $q['year']; } if ($q['monthnum']) { $date_parameters['month'] = $q['monthnum']; } if ($q['w']) { $date_parameters['week'] = $q['w']; } if ($q['day']) { $date_parameters['day'] = $q['day']; } if ($date_parameters) { $date_query = new ES_WP_Date_Query(array($date_parameters)); $date_filter = $date_query->get_dsl($this); if (!empty($date_filter)) { $filter[] = $date_filter; } elseif (false === $date_filter) { // @todo: potentially do this differently; see no_results() for more info return $this->no_results(); } } unset($date_parameters, $date_query, $date_filter); // Handle complex date queries if (!empty($q['date_query'])) { $this->date_query = new ES_WP_Date_Query($q['date_query']); $date_filter = $this->date_query->get_dsl($this); if (!empty($date_filter)) { $filter[] = $date_filter; } elseif (false === $date_filter) { // @todo: potentially do this differently; see no_results() for more info return $this->no_results(); } unset($date_filter); } // If we've got a post_type AND it's not "any" post_type. 
if (!empty($q['post_type']) && 'any' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->query_var || empty($q[$ptype_obj->query_var])) { continue; } if (!$ptype_obj->hierarchical || strpos($q[$ptype_obj->query_var], '/') === false) { // Non-hierarchical post_types & parent-level-hierarchical post_types can directly use 'name' $q['name'] = $q[$ptype_obj->query_var]; } else { // Hierarchical post_types will operate through the $q['pagename'] = $q[$ptype_obj->query_var]; $q['name'] = ''; } // Only one request for a slug is possible, this is why name & pagename are overwritten above. break; } //end foreach unset($ptype_obj); } if ('' != $q['name']) { $q['name'] = sanitize_title_for_query($q['name']); $filter[] = $this->dsl_terms($this->es_map('post_name'), $q['name']); } elseif ('' != $q['pagename']) { if (isset($this->queried_object_id)) { $reqpage = $this->queried_object_id; } else { if ('page' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->hierarchical) { continue; } $reqpage = get_page_by_path($q['pagename'], OBJECT, $_post_type); if ($reqpage) { break; } } unset($ptype_obj); } else { $reqpage = get_page_by_path($q['pagename']); } if (!empty($reqpage)) { $reqpage = $reqpage->ID; } else { $reqpage = 0; } } $page_for_posts = get_option('page_for_posts'); if ('page' != get_option('show_on_front') || empty($page_for_posts) || $reqpage != $page_for_posts) { $q['pagename'] = sanitize_title_for_query(wp_basename($q['pagename'])); $q['name'] = $q['pagename']; $filter[] = $this->dsl_terms($this->es_map('post_id'), absint($reqpage)); $reqpage_obj = get_post($reqpage); if (is_object($reqpage_obj) && 'attachment' == $reqpage_obj->post_type) { $this->is_attachment = true; $post_type = $q['post_type'] = 'attachment'; $this->is_page = true; $q['attachment_id'] = $reqpage; } } 
} elseif ('' != $q['attachment']) { $q['attachment'] = sanitize_title_for_query(wp_basename($q['attachment'])); $q['name'] = $q['attachment']; $filter[] = $this->dsl_terms($this->es_map('post_name'), $q['attachment']); } if (isset($q['comments_popup']) && intval($q['comments_popup'])) { $q['p'] = absint($q['comments_popup']); } // If an attachment is requested by number, let it supersede any post number. if ($q['attachment_id']) { $q['p'] = absint($q['attachment_id']); } // If a post number is specified, load that post if ($q['p']) { $filter[] = $this->dsl_terms($this->es_map('post_id'), absint($q['p'])); } elseif ($q['post__in']) { $post__in = array_map('absint', $q['post__in']); $filter[] = $this->dsl_terms($this->es_map('post_id'), $post__in); } elseif ($q['post__not_in']) { $post__not_in = array_map('absint', $q['post__not_in']); $filter[] = array('not' => $this->dsl_terms($this->es_map('post_id'), $post__not_in)); } if (is_numeric($q['post_parent'])) { $filter[] = $this->dsl_terms($this->es_map('post_parent'), absint($q['post_parent'])); } elseif ($q['post_parent__in']) { $post_parent__in = array_map('absint', $q['post_parent__in']); $filter[] = $this->dsl_terms($this->es_map('post_parent'), $post_parent__in); } elseif ($q['post_parent__not_in']) { $post_parent__not_in = array_map('absint', $q['post_parent__not_in']); $filter[] = array('not' => $this->dsl_terms($this->es_map('post_parent'), $post_parent__not_in)); } if ($q['page_id']) { if ('page' != get_option('show_on_front') || $q['page_id'] != get_option('page_for_posts')) { $q['p'] = $q['page_id']; $filter[] = $this->dsl_terms($this->es_map('post_id'), absint($q['page_id'])); } } // If a search pattern is specified, load the posts that match. if (!empty($q['s'])) { $search = $this->parse_search($q); } /** * Filter the search query. * * @param string $search Search filter for ES query. * @param ES_WP_Query $this The current ES_WP_Query object. 
*/ if (!empty($search)) { $query['must'] = apply_filters_ref_array('es_posts_search', array($search, &$this)); if (!is_user_logged_in()) { $filter[] = array('or' => array($this->dsl_terms($this->es_map('post_password'), ''), $this->dsl_missing($this->es_map('post_password')))); } } // Taxonomies if (!$this->is_singular) { $this->parse_tax_query($q); $this->tax_query = new ES_WP_Tax_Query($this->tax_query); $tax_filter = $this->tax_query->get_dsl($this); if (false === $tax_filter) { return $this->no_results(); } if (!empty($tax_filter)) { $filter[] = $tax_filter; } unset($tax_filter); } if ($this->is_tax) { if (empty($post_type)) { // Do a fully inclusive search for currently registered post types of queried taxonomies $post_type = array(); $taxonomies = wp_list_pluck($this->tax_query->queries, 'taxonomy'); foreach (get_post_types(array('exclude_from_search' => false)) as $pt) { $object_taxonomies = $pt === 'attachment' ? get_taxonomies_for_attachments() : get_object_taxonomies($pt); if (array_intersect($taxonomies, $object_taxonomies)) { $post_type[] = $pt; } } if (!$post_type) { $post_type = 'any'; } elseif (count($post_type) == 1) { $post_type = $post_type[0]; } // @todo: no good way to do this in ES; workarounds? $post_status_join = true; } elseif (in_array('attachment', (array) $post_type)) { // @todo: no good way to do this in ES; workarounds? 
$post_status_join = true; } } // Back-compat if (!empty($this->tax_query->queries)) { $tax_query_in_and = wp_list_filter($this->tax_query->queries, array('operator' => 'NOT IN'), 'NOT'); if (!empty($tax_query_in_and)) { if (!isset($q['taxonomy'])) { foreach ($tax_query_in_and as $a_tax_query) { if (!in_array($a_tax_query['taxonomy'], array('category', 'post_tag'))) { $q['taxonomy'] = $a_tax_query['taxonomy']; if ('slug' == $a_tax_query['field']) { $q['term'] = $a_tax_query['terms'][0]; } else { $q['term_id'] = $a_tax_query['terms'][0]; } break; } } } $cat_query = wp_list_filter($tax_query_in_and, array('taxonomy' => 'category')); if (!empty($cat_query)) { $cat_query = reset($cat_query); if (!empty($cat_query['terms'][0])) { $the_cat = get_term_by($cat_query['field'], $cat_query['terms'][0], 'category'); if ($the_cat) { $this->set('cat', $the_cat->term_id); $this->set('category_name', $the_cat->slug); } unset($the_cat); } } unset($cat_query); $tag_query = wp_list_filter($tax_query_in_and, array('taxonomy' => 'post_tag')); if (!empty($tag_query)) { $tag_query = reset($tag_query); if (!empty($tag_query['terms'][0])) { $the_tag = get_term_by($tag_query['field'], $tag_query['terms'][0], 'post_tag'); if ($the_tag) { $this->set('tag_id', $the_tag->term_id); } unset($the_tag); } } unset($tag_query); } } // @todo: hmmmm if (!empty($this->tax_query->queries) || !empty($this->meta_query->queries)) { $groupby = "{$wpdb->posts}.ID"; } // Author/user stuff if (!empty($q['author']) && $q['author'] != '0') { $q['author'] = addslashes_gpc('' . urldecode($q['author'])); $authors = array_unique(array_map('intval', preg_split('/[,\\s]+/', $q['author']))); foreach ($authors as $author) { $key = $author > 0 ? 
'author__in' : 'author__not_in'; $q[$key][] = abs($author); } $q['author'] = implode(',', $authors); } if (!empty($q['author__not_in'])) { $author__not_in = array_map('absint', array_unique((array) $q['author__not_in'])); $filter[] = array('not' => $this->dsl_terms($this->es_map('post_author'), $author__not_in)); } elseif (!empty($q['author__in'])) { $author__in = array_map('absint', array_unique((array) $q['author__in'])); $filter[] = $this->dsl_terms($this->es_map('post_author'), $author__in); } // Author stuff for nice URLs if ('' != $q['author_name']) { if (strpos($q['author_name'], '/') !== false) { $q['author_name'] = explode('/', $q['author_name']); if ($q['author_name'][count($q['author_name']) - 1]) { $q['author_name'] = $q['author_name'][count($q['author_name']) - 1]; // no trailing slash } else { $q['author_name'] = $q['author_name'][count($q['author_name']) - 2]; // there was a trailing slash } } $q['author_name'] = sanitize_title_for_query($q['author_name']); $filter[] = $this->dsl_terms($this->es_map('post_author.user_nicename'), $q['author_name']); } // MIME-Type stuff for attachment browsing if (isset($q['post_mime_type']) && '' != $q['post_mime_type']) { $es_mime = $this->post_mime_type_query($q['post_mime_type'], $wpdb->posts); if (!empty($es_mime['filters'])) { $filter[] = $es_mime['filters']; } if (!empty($es_mime['query'])) { if (empty($query['should'])) { $query['should'] = $es_mime['query']; } else { $query['should'] = array_merge($query['should'], $es_mime['query']); } } } if (!isset($q['order'])) { $q['order'] = 'desc'; } else { $q['order'] = $this->parse_order($q['order']); } // Order by if (empty($q['orderby'])) { /* * Boolean false or empty array blanks out ORDER BY, * while leaving the value unset or otherwise empty sets the default. 
*/ if (isset($q['orderby']) && (is_array($q['orderby']) || false === $q['orderby'])) { $orderby = ''; } else { $sort[] = array($this->es_map('post_date') => $q['order']); } } elseif ('none' == $q['orderby']) { // nothing to see here } elseif ($q['orderby'] == 'post__in' && !empty($post__in)) { // @todo: Figure this out... Elasticsearch doesn't have an equivalent of this // $orderby = "FIELD( {$wpdb->posts}.ID, $post__in )"; } elseif ($q['orderby'] == 'post_parent__in' && !empty($post_parent__in)) { // (see above) // $orderby = "FIELD( {$wpdb->posts}.post_parent, $post_parent__in )"; } else { if (is_array($q['orderby'])) { foreach ($q['orderby'] as $_orderby => $order) { $orderby = addslashes_gpc(urldecode($_orderby)); $parsed = $this->parse_orderby($orderby); if (!$parsed) { continue; } $sort[] = array($parsed => $this->parse_order($order)); } } else { $q['orderby'] = urldecode($q['orderby']); $q['orderby'] = addslashes_gpc($q['orderby']); foreach (explode(' ', $q['orderby']) as $i => $orderby) { $parsed = $this->parse_orderby($orderby); // Only allow certain values for safety. if (!$parsed) { continue; } $sort[] = array($parsed => $q['order']); } if (empty($sort)) { $sort[] = array($this->es_map('post_date') => $q['order']); } } } // Order search results by relevance only when another "orderby" is not specified in the query. if (!empty($q['s'])) { $search_orderby = array(); if (empty($q['orderby']) && !$this->is_feed || isset($q['orderby']) && 'relevance' === $q['orderby']) { $search_orderby = array('_score'); } /** * Filter the order used when ordering search results. * * @param array $search_orderby The order clause. * @param ES_WP_Query $this The current ES_WP_Query instance. */ $search_orderby = apply_filters('es_posts_search_orderby', $search_orderby, $this); if ($search_orderby) { $sort = $sort ? 
array_merge($search_orderby, $sort) : $search_orderby; } } if (is_array($post_type) && count($post_type) > 1) { $post_type_cap = 'multiple_post_type'; } else { if (is_array($post_type)) { $post_type = reset($post_type); } $post_type_object = get_post_type_object($post_type); if (empty($post_type_object)) { $post_type_cap = $post_type; } } if ('any' == $post_type) { $in_search_post_types = get_post_types(array('exclude_from_search' => false)); if (empty($in_search_post_types)) { // @todo: potentially do this differently; see no_results() for more info return $this->no_results(); } else { $filter[] = $this->dsl_terms($this->es_map('post_type'), array_values($in_search_post_types)); } } elseif (!empty($post_type)) { $filter[] = $this->dsl_terms($this->es_map('post_type'), array_values((array) $post_type)); if (!is_array($post_type)) { $post_type_object = get_post_type_object($post_type); } } elseif ($this->is_attachment) { $filter[] = $this->dsl_terms($this->es_map('post_type'), 'attachment'); $post_type_object = get_post_type_object('attachment'); } elseif ($this->is_page) { $filter[] = $this->dsl_terms($this->es_map('post_type'), 'page'); $post_type_object = get_post_type_object('page'); } else { $filter[] = $this->dsl_terms($this->es_map('post_type'), 'post'); $post_type_object = get_post_type_object('post'); } $edit_cap = 'edit_post'; $read_cap = 'read_post'; if (!empty($post_type_object)) { $edit_others_cap = $post_type_object->cap->edit_others_posts; $read_private_cap = $post_type_object->cap->read_private_posts; } else { $edit_others_cap = 'edit_others_' . $post_type_cap . 's'; $read_private_cap = 'read_private_' . $post_type_cap . 
's'; } $user_id = get_current_user_id(); if (!empty($q['post_status'])) { $statuswheres = array(); $q_status = $q['post_status']; if (!is_array($q_status)) { $q_status = explode(',', $q_status); } $r_status = array(); $p_status = array(); $e_status = array(); if (in_array('any', $q_status)) { $e_status = get_post_stati(array('exclude_from_search' => true)); $e_status = array_values($e_status); } else { foreach (get_post_stati() as $status) { if (in_array($status, $q_status)) { if ('private' == $status) { $p_status[] = $status; } else { $r_status[] = $status; } } } } if (empty($q['perm']) || 'readable' != $q['perm']) { $r_status = array_merge($r_status, $p_status); unset($p_status); } if (!empty($e_status)) { // $statuswheres[] = "(" . join( ' AND ', $e_status ) . ")"; $status_ands[] = array('not' => $this->dsl_terms($this->es_map('post_status'), $e_status)); } if (!empty($r_status)) { if (!empty($q['perm']) && 'editable' == $q['perm'] && !current_user_can($edit_others_cap)) { // $statuswheres[] = "($wpdb->posts.post_author = $user_id " . "AND (" . join( ' OR ', $r_status ) . "))"; $status_ands[] = array('bool' => array('must' => array($this->dsl_terms($this->es_map('post_author'), $user_id), $this->dsl_terms($this->es_map('post_status'), $r_status)))); } else { // $statuswheres[] = "(" . join( ' OR ', $r_status ) . ")"; $status_ands[] = $this->dsl_terms($this->es_map('post_status'), $r_status); } } if (!empty($p_status)) { if (!empty($q['perm']) && 'readable' == $q['perm'] && !current_user_can($read_private_cap)) { // $statuswheres[] = "($wpdb->posts.post_author = $user_id " . "AND (" . join( ' OR ', $p_status ) . "))"; $status_ands[] = array('bool' => array('must' => array($this->dsl_terms($this->es_map('post_author'), $user_id), $this->dsl_terms($this->es_map('post_status'), $p_status)))); } else { // $statuswheres[] = "(" . join( ' OR ', $p_status ) . 
")"; $status_ands[] = $this->dsl_terms($this->es_map('post_status'), $p_status); } } if ($post_status_join) { // @todo: no good way to do this in ES... /* $join .= " LEFT JOIN $wpdb->posts AS p2 ON ($wpdb->posts.post_parent = p2.ID) "; foreach ( $statuswheres as $index => $statuswhere ) $statuswheres[$index] = "($statuswhere OR ($wpdb->posts.post_status = 'inherit' AND " . str_replace($wpdb->posts, 'p2', $statuswhere) . "))"; */ } $filter = array_merge($filter, $status_ands); } elseif (!$this->is_singular) { $singular_states = array('publish'); // Add public states. $singular_states = array_merge($singular_states, (array) get_post_stati(array('public' => true))); if ($this->is_admin) { // Add protected states that should show in the admin all list. $singular_states = array_merge($singular_states, (array) get_post_stati(array('protected' => true, 'show_in_admin_all_list' => true))); } if (is_user_logged_in()) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. 
$private_states = get_post_stati(array('private' => true)); $singular_states_ors = array(); foreach ((array) $private_states as $state) { // @todo: leaving off here if (current_user_can($read_private_cap)) { $singular_states[] = $state; } else { $singular_states_ors[] = array('and' => array($this->dsl_terms($this->es_map('post_author'), $user_id), $this->dsl_terms($this->es_map('post_status'), $state))); } } } $singular_states = array_values(array_unique($singular_states)); $singular_states_filter = $this->dsl_terms($this->es_map('post_status'), $singular_states); if (!empty($singular_states_ors)) { $singular_states_ors[] = $singular_states_filter; $filter[] = array('or' => $singular_states_ors); } else { $filter[] = $singular_states_filter; } unset($singular_states, $singular_states_filter, $singular_states_ors, $private_states); } if (!empty($this->meta_query->queries)) { $filter[] = $this->meta_query->get_dsl($this, 'post'); } // Apply filters on the filter clause prior to paging so that any // manipulations to them are reflected in the paging by day queries. if (!$q['suppress_filters']) { $filter = apply_filters_ref_array('es_query_filter', array($filter, &$this)); } // Paging if (empty($q['nopaging']) && !$this->is_singular) { $page = absint($q['paged']); if (!$page) { $page = 1; } if (empty($q['offset'])) { $from = ($page - 1) * $q['posts_per_page']; } else { // we're ignoring $page and using 'offset' $from = absint($q['offset']); } $size = $q['posts_per_page']; } else { $from = $size = false; } // Comments feeds // @todo: come back to this if (0 && $this->is_comment_feed && ($this->is_archive || $this->is_search || !$this->is_singular)) { if ($this->is_archive || $this->is_search) { $cjoin = "JOIN {$wpdb->posts} ON ({$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID) {$join} "; $cwhere = "WHERE comment_approved = '1' {$where}"; $cgroupby = "{$wpdb->comments}.comment_id"; } else { // Other non singular e.g. 
front $cjoin = "JOIN {$wpdb->posts} ON ( {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID )"; $cwhere = "WHERE post_status = 'publish' AND comment_approved = '1'"; $cgroupby = ''; } if (!$q['suppress_filters']) { $cjoin = apply_filters_ref_array('es_comment_feed_join', array($cjoin, &$this)); $cwhere = apply_filters_ref_array('es_comment_feed_where', array($cwhere, &$this)); $cgroupby = apply_filters_ref_array('es_comment_feed_groupby', array($cgroupby, &$this)); $corderby = apply_filters_ref_array('es_comment_feed_orderby', array('comment_date_gmt DESC', &$this)); $climits = apply_filters_ref_array('es_comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); } $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . $cgroupby : ''; $corderby = !empty($corderby) ? 'ORDER BY ' . $corderby : ''; $this->comments = (array) $wpdb->get_results("SELECT {$distinct} {$wpdb->comments}.* FROM {$wpdb->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"); $this->comment_count = count($this->comments); $post_ids = array(); foreach ($this->comments as $comment) { $post_ids[] = (int) $comment->comment_post_ID; } $post_ids = join(',', $post_ids); $join = ''; if ($post_ids) { $where = "AND {$wpdb->posts}.ID IN ({$post_ids}) "; } else { $where = "AND 0"; } } // Run cleanup on our filter and query $filter = array_filter($filter); if (!empty($filter)) { $filter = array('and' => $filter); } $query = array_filter($query); if (!empty($query)) { if (1 == count($query) && !empty($query['must']) && 1 == count($query['must'])) { $query = $query['must']; } else { $query = array('bool' => $query); if (!empty($query['bool']['should'])) { $query['bool']['minimum_should_match'] = 1; } } } $pieces = array('filter', 'query', 'sort', 'fields', 'size', 'from'); // Apply post-paging filters on our clauses. Only plugins that // manipulate paging queries should use these hooks. 
if (!$q['suppress_filters']) { $filter = apply_filters_ref_array('es_posts_filter_paged', array($filter, &$this)); $query = apply_filters_ref_array('es_posts_query_paged', array($query, &$this)); $sort = apply_filters_ref_array('es_posts_sort', array($sort, &$this)); $fields = apply_filters_ref_array('es_posts_fields', array($fields, &$this)); $size = apply_filters_ref_array('es_posts_size', array($size, &$this)); $from = apply_filters_ref_array('es_posts_from', array($from, &$this)); // Filter all clauses at once, for convenience $clauses = (array) apply_filters_ref_array('es_posts_clauses', array(compact($pieces), &$this)); foreach ($pieces as $piece) { ${$piece} = isset($clauses[$piece]) ? $clauses[$piece] : ''; } } // Announce current selection parameters. For use by caching plugins. do_action('es_posts_selection', array('filter' => $filter, 'query' => $query, 'sort' => $sort, 'fields' => $fields, 'size' => $size, 'from' => $from)); // Filter again for the benefit of caching plugins. Regular plugins should use the hooks above. if (!$q['suppress_filters']) { $filter = apply_filters_ref_array('es_posts_filter_request', array($filter, &$this)); $query = apply_filters_ref_array('es_posts_query_request', array($query, &$this)); $sort = apply_filters_ref_array('es_posts_sort_request', array($sort, &$this)); $fields = apply_filters_ref_array('es_posts_fields_request', array($fields, &$this)); $size = apply_filters_ref_array('es_posts_size_request', array($size, &$this)); $from = apply_filters_ref_array('es_posts_from_request', array($from, &$this)); // Filter all clauses at once, for convenience $clauses = (array) apply_filters_ref_array('es_posts_clauses_request', array(compact($pieces), &$this)); foreach ($pieces as $piece) { ${$piece} = isset($clauses[$piece]) ? 
$clauses[$piece] : ''; } } $this->es_args = array('filter' => $filter, 'query' => $query, 'sort' => $sort, 'fields' => $fields, 'from' => $from, 'size' => $size); // Remove empty criteria foreach ($this->es_args as $key => $value) { if (empty($value) && 0 !== $value) { unset($this->es_args[$key]); } } // Elasticsearch needs a size, so we set it very high if posts_per_page = -1 if (-1 == $q['posts_per_page'] && !isset($this->es_args['size'])) { $this->es_args['size'] = $size = apply_filters('es_query_max_results', 1000); } $old_args = $this->es_args; if (!$q['suppress_filters']) { $this->es_args = apply_filters_ref_array('es_posts_request', array($this->es_args, &$this)); } if ('ids' == $q['fields'] || 'id=>parent' == $q['fields']) { $this->es_response = $this->query_es($this->es_args); $this->set_posts($q, $this->es_response); $this->post_count = count($this->posts); $this->set_found_posts($q, $this->es_response); return $this->posts; } $this->es_response = $this->query_es($this->es_args); $this->set_posts($q, $this->es_response); $this->set_found_posts($q, $this->es_response); // The rest of this method is mostly core // Convert to WP_Post objects if ($this->posts) { $this->posts = array_map('get_post', $this->posts); } // Raw results filter. Prior to status checks. if (!$q['suppress_filters']) { $this->posts = apply_filters_ref_array('es_posts_results', array($this->posts, &$this)); } // @todo: address this if (0 && !empty($this->posts) && $this->is_comment_feed && $this->is_singular) { $cjoin = apply_filters_ref_array('es_comment_feed_join', array('', &$this)); $cwhere = apply_filters_ref_array('es_comment_feed_where', array("WHERE comment_post_ID = '{$this->posts[0]->ID}' AND comment_approved = '1'", &$this)); $cgroupby = apply_filters_ref_array('es_comment_feed_groupby', array('', &$this)); $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . 
$cgroupby : ''; $corderby = apply_filters_ref_array('es_comment_feed_orderby', array('comment_date_gmt DESC', &$this)); $corderby = !empty($corderby) ? 'ORDER BY ' . $corderby : ''; $climits = apply_filters_ref_array('es_comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); $comments_request = "SELECT {$wpdb->comments}.* FROM {$wpdb->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"; $this->comments = $wpdb->get_results($comments_request); $this->comment_count = count($this->comments); } // Check post status to determine if post should be displayed. if (!empty($this->posts) && ($this->is_single || $this->is_page)) { $status = get_post_status($this->posts[0]); $post_status_obj = get_post_status_object($status); //$type = get_post_type($this->posts[0]); if (!$post_status_obj->public) { if (!is_user_logged_in()) { // User must be logged in to view unpublished posts. $this->posts = array(); } else { if ($post_status_obj->protected) { // User must have edit permissions on the draft to preview. if (!current_user_can($edit_cap, $this->posts[0]->ID)) { $this->posts = array(); } else { $this->is_preview = true; if ('future' != $status) { $this->posts[0]->post_date = current_time('mysql'); } } } elseif ($post_status_obj->private) { if (!current_user_can($read_cap, $this->posts[0]->ID)) { $this->posts = array(); } } else { $this->posts = array(); } } } if ($this->is_preview && $this->posts && current_user_can($edit_cap, $this->posts[0]->ID)) { $this->posts[0] = get_post(apply_filters_ref_array('es_the_preview', array($this->posts[0], &$this))); } } // @todo: address this // Put sticky posts at the top of the posts array $sticky_posts = get_option('sticky_posts'); if (0 && $this->is_home && $page <= 1 && is_array($sticky_posts) && !empty($sticky_posts) && !$q['ignore_sticky_posts']) { $num_posts = count($this->posts); $sticky_offset = 0; // Loop over posts and relocate stickies to the front. 
for ($i = 0; $i < $num_posts; $i++) { if (in_array($this->posts[$i]->ID, $sticky_posts)) { $sticky_post = $this->posts[$i]; // Remove sticky from current position array_splice($this->posts, $i, 1); // Move to front, after other stickies array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); // Increment the sticky offset. The next sticky will be placed at this offset. $sticky_offset++; // Remove post from sticky posts array $offset = array_search($sticky_post->ID, $sticky_posts); unset($sticky_posts[$offset]); } } // If any posts have been excluded specifically, Ignore those that are sticky. if (!empty($sticky_posts) && !empty($q['post__not_in'])) { $sticky_posts = array_diff($sticky_posts, $q['post__not_in']); } // Fetch sticky posts that weren't in the query results if (!empty($sticky_posts)) { $stickies = get_posts(array('post__in' => $sticky_posts, 'post_type' => $post_type, 'post_status' => 'publish', 'nopaging' => true)); foreach ($stickies as $sticky_post) { array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); $sticky_offset++; } } } if (!$q['suppress_filters']) { $this->posts = apply_filters_ref_array('es_the_posts', array($this->posts, &$this)); } // Ensure that any posts added/modified via one of the filters above are // of the type WP_Post and are filtered. if ($this->posts) { $this->post_count = count($this->posts); $this->posts = array_map('get_post', $this->posts); if ($q['cache_results']) { update_post_caches($this->posts, $post_type, $q['update_post_term_cache'], $q['update_post_meta_cache']); } $this->post = reset($this->posts); } else { $this->post_count = 0; $this->posts = array(); } return $this->posts; }
/**
 * Fetch the IDs of published posts for the post type declared by a class.
 *
 * The post type comes from the POST_TYPE constant of $Class. It is passed
 * through sanitize_title_for_query() and interpolated into the SQL text
 * that is handed to $this->query().
 *
 * NOTE(review): sanitize_title_for_query() normalises slugs; it is not an
 * SQL escaping routine. The statement is only as safe as the POST_TYPE
 * constant it is built from. If $this->wpdb is a wpdb instance (presumably;
 * confirm), building the statement with its prepare() method and a %s
 * placeholder would be the sturdier form.
 *
 * @param string|object $Class Class name or instance exposing a POST_TYPE constant.
 * @return mixed Whatever $this->query() returns for the statement.
 */
public function getPostID($Class)
{
    $postsTable = $this->wpdb->posts;
    $typeSlug = sanitize_title_for_query($Class::POST_TYPE);
    $sql = "SELECT ID FROM {$postsTable} WHERE post_type = '{$typeSlug}' AND post_status = 'publish' ";

    return $this->query($sql);
}
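/**
 * Extend the admin search for the "hotel_room" post type so that rooms whose
 * parent post title matches the search term are returned as well.
 *
 * The request value $_GET['s'] is attacker-controlled. The LIKE pattern is
 * therefore built with $wpdb->esc_like() and bound through $wpdb->prepare()
 * instead of being interpolated into the SQL text. Slug normalisation alone
 * does not escape SQL and leaves the LIKE wildcards (% and _) active.
 *
 * NOTE(review): the clause is appended with a leading OR. If the incoming
 * $where is a chain of AND conditions, OR binds more loosely, so a subquery
 * match is not constrained by those conditions (post type, status, ...).
 * Confirm that this is intended, or wrap the combined condition in
 * parentheses where the clause is assembled.
 *
 * @param string $where WHERE clause fragment received by the filter.
 * @return string The fragment, extended when an admin hotel_room search is running.
 */
static function _alter_search_query($where)
{
    global $wp_query, $wpdb;

    if (!is_admin()) {
        return $where;
    }
    if ($wp_query->get('post_type') != 'hotel_room') {
        return $where;
    }
    if (!$wp_query->get('s')) {
        return $where;
    }

    // A non-string value (e.g. ?s[]=x) is treated as "no search term".
    $search = (isset($_GET['s']) && is_string($_GET['s']))
        ? sanitize_title_for_query($_GET['s'])
        : '';

    // Kept for backward compatibility: the original wrote the normalised
    // term back into the superglobal, and other code may read it from there.
    $_GET['s'] = $search;

    // An empty term would produce LIKE '%%', which matches every title and
    // would pull in every room that has a parent.
    if ('' === $search) {
        return $where;
    }

    $like = '%' . $wpdb->esc_like($search) . '%';

    $where .= $wpdb->prepare(
        " OR {$wpdb->posts}.ID IN (
            SELECT post_id FROM {$wpdb->postmeta}
            WHERE {$wpdb->postmeta}.meta_key = 'room_parent'
            AND {$wpdb->postmeta}.meta_value IN (
                SELECT {$wpdb->posts}.ID FROM {$wpdb->posts}
                WHERE {$wpdb->posts}.post_title LIKE %s
            )
        ) ",
        $like
    );

    return $where;
}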
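$output .= "</div>";
$output .= "</div><hr>";
} // closes a block opened before this excerpt

// "More events" footer link, added only when $news reports at least one post.
if ($news->post_count != 0) {
    $landingpage = get_option('options_module_events_page');
    if (!$landingpage) {
        // No landing page configured: fall back to the default events URL.
        $landingpage_link_text = 'events';
        $landingpage = site_url() . '/events/';
    } else {
        $landingpage_link_text = get_the_title($landingpage[0]);
        $landingpage = get_permalink($landingpage[0]);
    }

    // The title and permalink come from stored content, so each is escaped
    // for the context it lands in: attribute, URL and element text.
    $output .= '<p class="events-more"><strong><a title="' . esc_attr($landingpage_link_text)
        . '" class="small" href="' . esc_url($landingpage) . '">'
        . esc_html($landingpage_link_text)
        . '</a></strong> <span class="dashicons dashicons-arrow-right-alt2"></span></p>';
    $output .= $after_widget;
}

$output .= "</div>";
$output .= "</div>";

// Cache the rendered markup; the cache period is 5 minutes.
set_transient('aggregator_events_' . $colid . '_' . sanitize_title_for_query($title), $output, 5 * 60);
} // closes a block opened before this excerpt

if ($output) {
    echo "<div class='widget-box'>";
    if ($title) {
        // The title is element text here, so esc_html() is the matching escaper.
        echo "<h3>" . esc_html($title) . "</h3>";
    }
    // $output is pre-built markup and is echoed unescaped. Every dynamic value
    // must therefore be escaped at the point where it is concatenated.
    echo $output;
    echo "</div>";
}

wp_reset_postdata();
?>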
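/**
 * Find the ID of a `_pods_pod` post by its post_name (slug).
 *
 * The slug is sanitized the same way WP_Query does it; see
 * https://developer.wordpress.org/reference/functions/sanitize_title_for_query/
 *
 * This function should be slightly faster than get_posts(), get_pages() or
 * WP_Query, as those general-purpose functions fetch information that is not
 * needed here. It does not require joining the meta table either.
 *
 * The slug is bound through $wpdb->prepare(). sanitize_title_for_query()
 * normalises slugs, but it is not an SQL escaping routine and its output can
 * be altered by filters, so it must not be the only barrier before the value
 * reaches the query text.
 *
 * @param string $slug The post_name of the post. Note this is not the
 *                     post_title; it is the name (slug) that normally appears
 *                     in the URL when permalinks are enabled.
 * @return string|false The post ID as returned by $wpdb->get_var(), or false
 *                      when no matching `_pods_pod` post exists.
 * @since 1.0
 */
static function find_post_id_by_slug($slug)
{
    global $wpdb;

    $slug = sanitize_title_for_query($slug);
    $posts_table = $wpdb->get_blog_prefix() . 'posts';

    $post_id = $wpdb->get_var(
        $wpdb->prepare(
            "SELECT ID FROM {$posts_table} WHERE post_name = %s AND post_type = '_pods_pod'",
            $slug
        )
    );

    return $post_id ? $post_id : false;
}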
/** * Retrieve the posts based on query variables. * * There are a few filters and actions that can be used to modify the post * database query. * * @since 1.5.0 * @access public * @uses do_action_ref_array() Calls 'pre_get_posts' hook before retrieving posts. * * @return array List of posts. */ function &get_posts() { global $wpdb, $user_ID, $_wp_using_ext_object_cache; $this->parse_query(); do_action_ref_array('pre_get_posts', array(&$this)); // Shorthand. $q =& $this->query_vars; // Fill again in case pre_get_posts unset some vars. $q = $this->fill_query_vars($q); // Parse meta query $this->meta_query = new WP_Meta_Query(); $this->meta_query->parse_query_vars($q); // Set a flag if a pre_get_posts hook changed the query vars. $hash = md5(serialize($this->query_vars)); if ($hash != $this->query_vars_hash) { $this->query_vars_changed = true; $this->query_vars_hash = $hash; } unset($hash); // First let's clear some variables $distinct = ''; $whichauthor = ''; $whichmimetype = ''; $where = ''; $limits = ''; $join = ''; $search = ''; $groupby = ''; $fields = ''; $post_status_join = false; $page = 1; if (isset($q['caller_get_posts'])) { _deprecated_argument('WP_Query', '3.1', __('"caller_get_posts" is deprecated. 
Use "ignore_sticky_posts" instead.')); if (!isset($q['ignore_sticky_posts'])) { $q['ignore_sticky_posts'] = $q['caller_get_posts']; } } if (!isset($q['ignore_sticky_posts'])) { $q['ignore_sticky_posts'] = false; } if (!isset($q['suppress_filters'])) { $q['suppress_filters'] = false; } if (!isset($q['cache_results'])) { if ($_wp_using_ext_object_cache) { $q['cache_results'] = false; } else { $q['cache_results'] = true; } } if (!isset($q['update_post_term_cache'])) { $q['update_post_term_cache'] = true; } if (!isset($q['update_post_meta_cache'])) { $q['update_post_meta_cache'] = true; } if (!isset($q['post_type'])) { if ($this->is_search) { $q['post_type'] = 'any'; } else { $q['post_type'] = ''; } } $post_type = $q['post_type']; if (!isset($q['posts_per_page']) || $q['posts_per_page'] == 0) { $q['posts_per_page'] = get_option('posts_per_page'); } if (isset($q['showposts']) && $q['showposts']) { $q['showposts'] = (int) $q['showposts']; $q['posts_per_page'] = $q['showposts']; } if (isset($q['posts_per_archive_page']) && $q['posts_per_archive_page'] != 0 && ($this->is_archive || $this->is_search)) { $q['posts_per_page'] = $q['posts_per_archive_page']; } if (!isset($q['nopaging'])) { if ($q['posts_per_page'] == -1) { $q['nopaging'] = true; } else { $q['nopaging'] = false; } } if ($this->is_feed) { $q['posts_per_page'] = get_option('posts_per_rss'); $q['nopaging'] = false; } $q['posts_per_page'] = (int) $q['posts_per_page']; if ($q['posts_per_page'] < -1) { $q['posts_per_page'] = abs($q['posts_per_page']); } else { if ($q['posts_per_page'] == 0) { $q['posts_per_page'] = 1; } } if (!isset($q['comments_per_page']) || $q['comments_per_page'] == 0) { $q['comments_per_page'] = get_option('comments_per_page'); } if ($this->is_home && (empty($this->query) || $q['preview'] == 'true') && 'page' == get_option('show_on_front') && get_option('page_on_front')) { $this->is_page = true; $this->is_home = false; $q['page_id'] = get_option('page_on_front'); } if (isset($q['page'])) { 
$q['page'] = trim($q['page'], '/'); $q['page'] = absint($q['page']); } // If true, forcibly turns off SQL_CALC_FOUND_ROWS even when limits are present. if (isset($q['no_found_rows'])) { $q['no_found_rows'] = (bool) $q['no_found_rows']; } else { $q['no_found_rows'] = false; } switch ($q['fields']) { case 'ids': $fields = "{$wpdb->posts}.ID"; break; case 'id=>parent': $fields = "{$wpdb->posts}.ID, {$wpdb->posts}.post_parent"; break; default: $fields = "{$wpdb->posts}.*"; } // If a month is specified in the querystring, load that month if ($q['m']) { $q['m'] = '' . preg_replace('|[^0-9]|', '', $q['m']); $where .= " AND YEAR({$wpdb->posts}.post_date)=" . substr($q['m'], 0, 4); if (strlen($q['m']) > 5) { $where .= " AND MONTH({$wpdb->posts}.post_date)=" . substr($q['m'], 4, 2); } if (strlen($q['m']) > 7) { $where .= " AND DAYOFMONTH({$wpdb->posts}.post_date)=" . substr($q['m'], 6, 2); } if (strlen($q['m']) > 9) { $where .= " AND HOUR({$wpdb->posts}.post_date)=" . substr($q['m'], 8, 2); } if (strlen($q['m']) > 11) { $where .= " AND MINUTE({$wpdb->posts}.post_date)=" . substr($q['m'], 10, 2); } if (strlen($q['m']) > 13) { $where .= " AND SECOND({$wpdb->posts}.post_date)=" . substr($q['m'], 12, 2); } } if ('' !== $q['hour']) { $where .= " AND HOUR({$wpdb->posts}.post_date)='" . $q['hour'] . "'"; } if ('' !== $q['minute']) { $where .= " AND MINUTE({$wpdb->posts}.post_date)='" . $q['minute'] . "'"; } if ('' !== $q['second']) { $where .= " AND SECOND({$wpdb->posts}.post_date)='" . $q['second'] . "'"; } if ($q['year']) { $where .= " AND YEAR({$wpdb->posts}.post_date)='" . $q['year'] . "'"; } if ($q['monthnum']) { $where .= " AND MONTH({$wpdb->posts}.post_date)='" . $q['monthnum'] . "'"; } if ($q['day']) { $where .= " AND DAYOFMONTH({$wpdb->posts}.post_date)='" . $q['day'] . "'"; } // If we've got a post_type AND its not "any" post_type. 
if (!empty($q['post_type']) && 'any' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->query_var || empty($q[$ptype_obj->query_var])) { continue; } if (!$ptype_obj->hierarchical || strpos($q[$ptype_obj->query_var], '/') === false) { // Non-hierarchical post_types & parent-level-hierarchical post_types can directly use 'name' $q['name'] = $q[$ptype_obj->query_var]; } else { // Hierarchical post_types will operate through the $q['pagename'] = $q[$ptype_obj->query_var]; $q['name'] = ''; } // Only one request for a slug is possible, this is why name & pagename are overwritten above. break; } //end foreach unset($ptype_obj); } if ('' != $q['name']) { $q['name'] = sanitize_title_for_query($q['name']); $where .= " AND {$wpdb->posts}.post_name = '" . $q['name'] . "'"; } elseif ('' != $q['pagename']) { if (isset($this->queried_object_id)) { $reqpage = $this->queried_object_id; } else { if ('page' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->hierarchical) { continue; } $reqpage = get_page_by_path($q['pagename'], OBJECT, $_post_type); if ($reqpage) { break; } } unset($ptype_obj); } else { $reqpage = get_page_by_path($q['pagename']); } if (!empty($reqpage)) { $reqpage = $reqpage->ID; } else { $reqpage = 0; } } $page_for_posts = get_option('page_for_posts'); if ('page' != get_option('show_on_front') || empty($page_for_posts) || $reqpage != $page_for_posts) { $q['pagename'] = sanitize_title_for_query(wp_basename($q['pagename'])); $q['name'] = $q['pagename']; $where .= " AND ({$wpdb->posts}.ID = '{$reqpage}')"; $reqpage_obj = get_page($reqpage); if (is_object($reqpage_obj) && 'attachment' == $reqpage_obj->post_type) { $this->is_attachment = true; $post_type = $q['post_type'] = 'attachment'; $this->is_page = true; $q['attachment_id'] = $reqpage; } } } elseif ('' != 
$q['attachment']) { $q['attachment'] = sanitize_title_for_query(wp_basename($q['attachment'])); $q['name'] = $q['attachment']; $where .= " AND {$wpdb->posts}.post_name = '" . $q['attachment'] . "'"; } if ($q['w']) { $where .= ' AND ' . _wp_mysql_week("`{$wpdb->posts}`.`post_date`") . " = '" . $q['w'] . "'"; } if (intval($q['comments_popup'])) { $q['p'] = absint($q['comments_popup']); } // If an attachment is requested by number, let it supersede any post number. if ($q['attachment_id']) { $q['p'] = absint($q['attachment_id']); } // If a post number is specified, load that post if ($q['p']) { $where .= " AND {$wpdb->posts}.ID = " . $q['p']; } elseif ($q['post__in']) { $post__in = implode(',', array_map('absint', $q['post__in'])); $where .= " AND {$wpdb->posts}.ID IN ({$post__in})"; } elseif ($q['post__not_in']) { $post__not_in = implode(',', array_map('absint', $q['post__not_in'])); $where .= " AND {$wpdb->posts}.ID NOT IN ({$post__not_in})"; } if (is_numeric($q['post_parent'])) { $where .= $wpdb->prepare(" AND {$wpdb->posts}.post_parent = %d ", $q['post_parent']); } if ($q['page_id']) { if ('page' != get_option('show_on_front') || $q['page_id'] != get_option('page_for_posts')) { $q['p'] = $q['page_id']; $where = " AND {$wpdb->posts}.ID = " . $q['page_id']; } } // If a search pattern is specified, load the posts that match if (!empty($q['s'])) { // added slashes screw with quote grouping when done early, so done later $q['s'] = stripslashes($q['s']); if (!empty($q['sentence'])) { $q['search_terms'] = array($q['s']); } else { preg_match_all('/".*?("|$)|((?<=[\\r\\n\\t ",+])|^)[^\\r\\n\\t ",+]+/', $q['s'], $matches); $q['search_terms'] = array_map('_search_terms_tidy', $matches[0]); } $n = !empty($q['exact']) ? 
'' : '%'; $searchand = ''; foreach ((array) $q['search_terms'] as $term) { $term = esc_sql(like_escape($term)); $search .= "{$searchand}(({$wpdb->posts}.post_title LIKE '{$n}{$term}{$n}') OR ({$wpdb->posts}.post_content LIKE '{$n}{$term}{$n}'))"; $searchand = ' AND '; } if (!empty($search)) { $search = " AND ({$search}) "; if (!is_user_logged_in()) { $search .= " AND ({$wpdb->posts}.post_password = '') "; } } } // Allow plugins to contextually add/remove/modify the search section of the database query $search = apply_filters_ref_array('posts_search', array($search, &$this)); // Taxonomies if (!$this->is_singular) { $this->parse_tax_query($q); $clauses = $this->tax_query->get_sql($wpdb->posts, 'ID'); $join .= $clauses['join']; $where .= $clauses['where']; } if ($this->is_tax) { if (empty($post_type)) { $post_type = 'any'; $post_status_join = true; } elseif (in_array('attachment', (array) $post_type)) { $post_status_join = true; } } // Back-compat if (!empty($this->tax_query->queries)) { $tax_query_in_and = wp_list_filter($this->tax_query->queries, array('operator' => 'NOT IN'), 'NOT'); if (!empty($tax_query_in_and)) { if (!isset($q['taxonomy'])) { foreach ($tax_query_in_and as $a_tax_query) { if (!in_array($a_tax_query['taxonomy'], array('category', 'post_tag'))) { $q['taxonomy'] = $a_tax_query['taxonomy']; if ('slug' == $a_tax_query['field']) { $q['term'] = $a_tax_query['terms'][0]; } else { $q['term_id'] = $a_tax_query['terms'][0]; } break; } } } $cat_query = wp_list_filter($tax_query_in_and, array('taxonomy' => 'category')); if (!empty($cat_query)) { $cat_query = reset($cat_query); $the_cat = get_term_by($cat_query['field'], $cat_query['terms'][0], 'category'); if ($the_cat) { $this->set('cat', $the_cat->term_id); $this->set('category_name', $the_cat->slug); } unset($the_cat); } unset($cat_query); $tag_query = wp_list_filter($tax_query_in_and, array('taxonomy' => 'post_tag')); if (!empty($tag_query)) { $tag_query = reset($tag_query); $the_tag = 
get_term_by($tag_query['field'], $tag_query['terms'][0], 'post_tag'); if ($the_tag) { $this->set('tag_id', $the_tag->term_id); } unset($the_tag); } unset($tag_query); } } if (!empty($this->tax_query->queries) || !empty($this->meta_query->queries)) { $groupby = "{$wpdb->posts}.ID"; } // Author/user stuff if (empty($q['author']) || $q['author'] == '0') { $whichauthor = ''; } else { $q['author'] = (string) urldecode($q['author']); $q['author'] = addslashes_gpc($q['author']); if (strpos($q['author'], '-') !== false) { $eq = '!='; $andor = 'AND'; $q['author'] = explode('-', $q['author']); $q['author'] = (string) absint($q['author'][1]); } else { $eq = '='; $andor = 'OR'; } $author_array = preg_split('/[,\\s]+/', $q['author']); $_author_array = array(); foreach ($author_array as $key => $_author) { $_author_array[] = "{$wpdb->posts}.post_author " . $eq . ' ' . absint($_author); } $whichauthor .= ' AND (' . implode(" {$andor} ", $_author_array) . ')'; unset($author_array, $_author_array); } // Author stuff for nice URLs if ('' != $q['author_name']) { if (strpos($q['author_name'], '/') !== false) { $q['author_name'] = explode('/', $q['author_name']); if ($q['author_name'][count($q['author_name']) - 1]) { $q['author_name'] = $q['author_name'][count($q['author_name']) - 1]; // no trailing slash } else { $q['author_name'] = $q['author_name'][count($q['author_name']) - 2]; // there was a trailing slash } } $q['author_name'] = sanitize_title_for_query($q['author_name']); $q['author'] = get_user_by('slug', $q['author_name']); if ($q['author']) { $q['author'] = $q['author']->ID; } $whichauthor .= " AND ({$wpdb->posts}.post_author = " . absint($q['author']) . ')'; } // MIME-Type stuff for attachment browsing if (isset($q['post_mime_type']) && '' != $q['post_mime_type']) { $whichmimetype = wp_post_mime_type_where($q['post_mime_type'], $wpdb->posts); } $where .= $search . $whichauthor . 
$whichmimetype; if (empty($q['order']) || strtoupper($q['order']) != 'ASC' && strtoupper($q['order']) != 'DESC') { $q['order'] = 'DESC'; } // Order by if (empty($q['orderby'])) { $orderby = "{$wpdb->posts}.post_date " . $q['order']; } elseif ('none' == $q['orderby']) { $orderby = ''; } else { // Used to filter values $allowed_keys = array('name', 'author', 'date', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand', 'comment_count'); if (!empty($q['meta_key'])) { $allowed_keys[] = $q['meta_key']; $allowed_keys[] = 'meta_value'; $allowed_keys[] = 'meta_value_num'; } $q['orderby'] = urldecode($q['orderby']); $q['orderby'] = addslashes_gpc($q['orderby']); $orderby_array = array(); foreach (explode(' ', $q['orderby']) as $i => $orderby) { // Only allow certain values for safety if (!in_array($orderby, $allowed_keys)) { continue; } switch ($orderby) { case 'menu_order': break; case 'ID': $orderby = "{$wpdb->posts}.ID"; break; case 'rand': $orderby = 'RAND()'; break; case $q['meta_key']: case 'meta_value': $orderby = "{$wpdb->postmeta}.meta_value"; break; case 'meta_value_num': $orderby = "{$wpdb->postmeta}.meta_value+0"; break; case 'comment_count': $orderby = "{$wpdb->posts}.comment_count"; break; default: $orderby = "{$wpdb->posts}.post_" . $orderby; } $orderby_array[] = $orderby; } $orderby = implode(',', $orderby_array); if (empty($orderby)) { $orderby = "{$wpdb->posts}.post_date " . $q['order']; } else { $orderby .= " {$q['order']}"; } } if (is_array($post_type)) { $post_type_cap = 'multiple_post_type'; } else { $post_type_object = get_post_type_object($post_type); if (empty($post_type_object)) { $post_type_cap = $post_type; } } if ('any' == $post_type) { $in_search_post_types = get_post_types(array('exclude_from_search' => false)); if (!empty($in_search_post_types)) { $where .= $wpdb->prepare(" AND {$wpdb->posts}.post_type IN ('" . join("', '", $in_search_post_types) . 
"')"); } } elseif (!empty($post_type) && is_array($post_type)) { $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $post_type) . "')"; } elseif (!empty($post_type)) { $where .= " AND {$wpdb->posts}.post_type = '{$post_type}'"; $post_type_object = get_post_type_object($post_type); } elseif ($this->is_attachment) { $where .= " AND {$wpdb->posts}.post_type = 'attachment'"; $post_type_object = get_post_type_object('attachment'); } elseif ($this->is_page) { $where .= " AND {$wpdb->posts}.post_type = 'page'"; $post_type_object = get_post_type_object('page'); } else { $where .= " AND {$wpdb->posts}.post_type = 'post'"; $post_type_object = get_post_type_object('post'); } if (!empty($post_type_object)) { $edit_cap = $post_type_object->cap->edit_post; $read_cap = $post_type_object->cap->read_post; $edit_others_cap = $post_type_object->cap->edit_others_posts; $read_private_cap = $post_type_object->cap->read_private_posts; } else { $edit_cap = 'edit_' . $post_type_cap; $read_cap = 'read_' . $post_type_cap; $edit_others_cap = 'edit_others_' . $post_type_cap . 's'; $read_private_cap = 'read_private_' . $post_type_cap . 's'; } if (!empty($q['post_status'])) { $statuswheres = array(); $q_status = $q['post_status']; if (!is_array($q_status)) { $q_status = explode(',', $q_status); } $r_status = array(); $p_status = array(); $e_status = array(); if (in_array('any', $q_status)) { foreach (get_post_stati(array('exclude_from_search' => true)) as $status) { $e_status[] = "{$wpdb->posts}.post_status <> '{$status}'"; } } else { foreach (get_post_stati() as $status) { if (in_array($status, $q_status)) { if ('private' == $status) { $p_status[] = "{$wpdb->posts}.post_status = '{$status}'"; } else { $r_status[] = "{$wpdb->posts}.post_status = '{$status}'"; } } } } if (empty($q['perm']) || 'readable' != $q['perm']) { $r_status = array_merge($r_status, $p_status); unset($p_status); } if (!empty($e_status)) { $statuswheres[] = "(" . join(' AND ', $e_status) . 
")"; } if (!empty($r_status)) { if (!empty($q['perm']) && 'editable' == $q['perm'] && !current_user_can($edit_others_cap)) { $statuswheres[] = "({$wpdb->posts}.post_author = {$user_ID} " . "AND (" . join(' OR ', $r_status) . "))"; } else { $statuswheres[] = "(" . join(' OR ', $r_status) . ")"; } } if (!empty($p_status)) { if (!empty($q['perm']) && 'readable' == $q['perm'] && !current_user_can($read_private_cap)) { $statuswheres[] = "({$wpdb->posts}.post_author = {$user_ID} " . "AND (" . join(' OR ', $p_status) . "))"; } else { $statuswheres[] = "(" . join(' OR ', $p_status) . ")"; } } if ($post_status_join) { $join .= " LEFT JOIN {$wpdb->posts} AS p2 ON ({$wpdb->posts}.post_parent = p2.ID) "; foreach ($statuswheres as $index => $statuswhere) { $statuswheres[$index] = "({$statuswhere} OR ({$wpdb->posts}.post_status = 'inherit' AND " . str_replace($wpdb->posts, 'p2', $statuswhere) . "))"; } } foreach ($statuswheres as $statuswhere) { $where .= " AND {$statuswhere}"; } } elseif (!$this->is_singular) { $where .= " AND ({$wpdb->posts}.post_status = 'publish'"; // Add public states. $public_states = get_post_stati(array('public' => true)); foreach ((array) $public_states as $state) { if ('publish' == $state) { // Publish is hard-coded above. continue; } $where .= " OR {$wpdb->posts}.post_status = '{$state}'"; } if ($this->is_admin) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati(array('protected' => true, 'show_in_admin_all_list' => true)); foreach ((array) $admin_all_states as $state) { $where .= " OR {$wpdb->posts}.post_status = '{$state}'"; } } if (is_user_logged_in()) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati(array('private' => true)); foreach ((array) $private_states as $state) { $where .= current_user_can($read_private_cap) ? 
" OR {$wpdb->posts}.post_status = '{$state}'" : " OR {$wpdb->posts}.post_author = {$user_ID} AND {$wpdb->posts}.post_status = '{$state}'"; } } $where .= ')'; } if (!empty($this->meta_query->queries)) { $clauses = $this->meta_query->get_sql('post', $wpdb->posts, 'ID', $this); $join .= $clauses['join']; $where .= $clauses['where']; } // Apply filters on where and join prior to paging so that any // manipulations to them are reflected in the paging by day queries. if (!$q['suppress_filters']) { $where = apply_filters_ref_array('posts_where', array($where, &$this)); $join = apply_filters_ref_array('posts_join', array($join, &$this)); } // Paging if (empty($q['nopaging']) && !$this->is_singular) { $page = absint($q['paged']); if (!$page) { $page = 1; } if (empty($q['offset'])) { $pgstrt = ($page - 1) * $q['posts_per_page'] . ', '; } else { // we're ignoring $page and using 'offset' $q['offset'] = absint($q['offset']); $pgstrt = $q['offset'] . ', '; } $limits = 'LIMIT ' . $pgstrt . $q['posts_per_page']; } // Comments feeds if ($this->is_comment_feed && ($this->is_archive || $this->is_search || !$this->is_singular)) { if ($this->is_archive || $this->is_search) { $cjoin = "JOIN {$wpdb->posts} ON ({$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID) {$join} "; $cwhere = "WHERE comment_approved = '1' {$where}"; $cgroupby = "{$wpdb->comments}.comment_id"; } else { // Other non singular e.g. 
front $cjoin = "JOIN {$wpdb->posts} ON ( {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID )"; $cwhere = "WHERE post_status = 'publish' AND comment_approved = '1'"; $cgroupby = ''; } if (!$q['suppress_filters']) { $cjoin = apply_filters_ref_array('comment_feed_join', array($cjoin, &$this)); $cwhere = apply_filters_ref_array('comment_feed_where', array($cwhere, &$this)); $cgroupby = apply_filters_ref_array('comment_feed_groupby', array($cgroupby, &$this)); $corderby = apply_filters_ref_array('comment_feed_orderby', array('comment_date_gmt DESC', &$this)); $climits = apply_filters_ref_array('comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); } $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . $cgroupby : ''; $corderby = !empty($corderby) ? 'ORDER BY ' . $corderby : ''; $this->comments = (array) $wpdb->get_results("SELECT {$distinct} {$wpdb->comments}.* FROM {$wpdb->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"); $this->comment_count = count($this->comments); $post_ids = array(); foreach ($this->comments as $comment) { $post_ids[] = (int) $comment->comment_post_ID; } $post_ids = join(',', $post_ids); $join = ''; if ($post_ids) { $where = "AND {$wpdb->posts}.ID IN ({$post_ids}) "; } else { $where = "AND 0"; } } $pieces = array('where', 'groupby', 'join', 'orderby', 'distinct', 'fields', 'limits'); // Apply post-paging filters on where and join. Only plugins that // manipulate paging queries should use these hooks. 
if (!$q['suppress_filters']) { $where = apply_filters_ref_array('posts_where_paged', array($where, &$this)); $groupby = apply_filters_ref_array('posts_groupby', array($groupby, &$this)); $join = apply_filters_ref_array('posts_join_paged', array($join, &$this)); $orderby = apply_filters_ref_array('posts_orderby', array($orderby, &$this)); $distinct = apply_filters_ref_array('posts_distinct', array($distinct, &$this)); $limits = apply_filters_ref_array('post_limits', array($limits, &$this)); $fields = apply_filters_ref_array('posts_fields', array($fields, &$this)); // Filter all clauses at once, for convenience $clauses = (array) apply_filters_ref_array('posts_clauses', array(compact($pieces), &$this)); foreach ($pieces as $piece) { ${$piece} = isset($clauses[$piece]) ? $clauses[$piece] : ''; } } // Announce current selection parameters. For use by caching plugins. do_action('posts_selection', $where . $groupby . $orderby . $limits . $join); // Filter again for the benefit of caching plugins. Regular plugins should use the hooks above. if (!$q['suppress_filters']) { $where = apply_filters_ref_array('posts_where_request', array($where, &$this)); $groupby = apply_filters_ref_array('posts_groupby_request', array($groupby, &$this)); $join = apply_filters_ref_array('posts_join_request', array($join, &$this)); $orderby = apply_filters_ref_array('posts_orderby_request', array($orderby, &$this)); $distinct = apply_filters_ref_array('posts_distinct_request', array($distinct, &$this)); $fields = apply_filters_ref_array('posts_fields_request', array($fields, &$this)); $limits = apply_filters_ref_array('post_limits_request', array($limits, &$this)); // Filter all clauses at once, for convenience $clauses = (array) apply_filters_ref_array('posts_clauses_request', array(compact($pieces), &$this)); foreach ($pieces as $piece) { ${$piece} = isset($clauses[$piece]) ? $clauses[$piece] : ''; } } if (!empty($groupby)) { $groupby = 'GROUP BY ' . 
$groupby; } if (!empty($orderby)) { $orderby = 'ORDER BY ' . $orderby; } $found_rows = ''; if (!$q['no_found_rows'] && !empty($limits)) { $found_rows = 'SQL_CALC_FOUND_ROWS'; } $this->request = $old_request = "SELECT {$found_rows} {$distinct} {$fields} FROM {$wpdb->posts} {$join} WHERE 1=1 {$where} {$groupby} {$orderby} {$limits}"; if (!$q['suppress_filters']) { $this->request = apply_filters_ref_array('posts_request', array($this->request, &$this)); } if ('ids' == $q['fields']) { $this->posts = $wpdb->get_col($this->request); return $this->posts; } if ('id=>parent' == $q['fields']) { $this->posts = $wpdb->get_results($this->request); $r = array(); foreach ($this->posts as $post) { $r[$post->ID] = $post->post_parent; } return $r; } if ($old_request == $this->request && "{$wpdb->posts}.*" == $fields) { // First get the IDs and then fill in the objects $this->request = "SELECT {$found_rows} {$distinct} {$wpdb->posts}.ID FROM {$wpdb->posts} {$join} WHERE 1=1 {$where} {$groupby} {$orderby} {$limits}"; $this->request = apply_filters('posts_request_ids', $this->request, $this); $ids = $wpdb->get_col($this->request); if ($ids) { $this->set_found_posts($q, $limits); _prime_post_caches($ids, $q['update_post_term_cache'], $q['update_post_meta_cache']); $this->posts = array_map('get_post', $ids); } else { $this->found_posts = $this->max_num_pages = 0; $this->posts = array(); } } else { $this->posts = $wpdb->get_results($this->request); $this->set_found_posts($q, $limits); } // Raw results filter. Prior to status checks. 
if (!$q['suppress_filters']) { $this->posts = apply_filters_ref_array('posts_results', array($this->posts, &$this)); } if (!empty($this->posts) && $this->is_comment_feed && $this->is_singular) { $cjoin = apply_filters_ref_array('comment_feed_join', array('', &$this)); $cwhere = apply_filters_ref_array('comment_feed_where', array("WHERE comment_post_ID = '{$this->posts[0]->ID}' AND comment_approved = '1'", &$this)); $cgroupby = apply_filters_ref_array('comment_feed_groupby', array('', &$this)); $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . $cgroupby : ''; $corderby = apply_filters_ref_array('comment_feed_orderby', array('comment_date_gmt DESC', &$this)); $corderby = !empty($corderby) ? 'ORDER BY ' . $corderby : ''; $climits = apply_filters_ref_array('comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); $comments_request = "SELECT {$wpdb->comments}.* FROM {$wpdb->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"; $this->comments = $wpdb->get_results($comments_request); $this->comment_count = count($this->comments); } // Check post status to determine if post should be displayed. if (!empty($this->posts) && ($this->is_single || $this->is_page)) { $status = get_post_status($this->posts[0]->ID); $post_status_obj = get_post_status_object($status); //$type = get_post_type($this->posts[0]); if (!$post_status_obj->public) { if (!is_user_logged_in()) { // User must be logged in to view unpublished posts. $this->posts = array(); } else { if ($post_status_obj->protected) { // User must have edit permissions on the draft to preview. 
if (!current_user_can($edit_cap, $this->posts[0]->ID)) { $this->posts = array(); } else { $this->is_preview = true; if ('future' != $status) { $this->posts[0]->post_date = current_time('mysql'); } } } elseif ($post_status_obj->private) { if (!current_user_can($read_cap, $this->posts[0]->ID)) { $this->posts = array(); } } else { $this->posts = array(); } } } if ($this->is_preview && $this->posts && current_user_can($edit_cap, $this->posts[0]->ID)) { $this->posts[0] = apply_filters_ref_array('the_preview', array($this->posts[0], &$this)); } } // Put sticky posts at the top of the posts array $sticky_posts = get_option('sticky_posts'); if ($this->is_home && $page <= 1 && is_array($sticky_posts) && !empty($sticky_posts) && !$q['ignore_sticky_posts']) { $num_posts = count($this->posts); $sticky_offset = 0; // Loop over posts and relocate stickies to the front. for ($i = 0; $i < $num_posts; $i++) { if (in_array($this->posts[$i]->ID, $sticky_posts)) { $sticky_post = $this->posts[$i]; // Remove sticky from current position array_splice($this->posts, $i, 1); // Move to front, after other stickies array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); // Increment the sticky offset. The next sticky will be placed at this offset. $sticky_offset++; // Remove post from sticky posts array $offset = array_search($sticky_post->ID, $sticky_posts); unset($sticky_posts[$offset]); } } // If any posts have been excluded specifically, Ignore those that are sticky. 
if (!empty($sticky_posts) && !empty($q['post__not_in'])) { $sticky_posts = array_diff($sticky_posts, $q['post__not_in']); } // Fetch sticky posts that weren't in the query results if (!empty($sticky_posts)) { $stickies__in = implode(',', array_map('absint', $sticky_posts)); // honor post type(s) if not set to any $stickies_where = ''; if ('any' != $post_type && '' != $post_type) { if (is_array($post_type)) { $post_types = join("', '", $post_type); } else { $post_types = $post_type; } $stickies_where = "AND {$wpdb->posts}.post_type IN ('" . $post_types . "')"; } $stickies = $wpdb->get_results("SELECT * FROM {$wpdb->posts} WHERE {$wpdb->posts}.ID IN ({$stickies__in}) {$stickies_where}"); foreach ($stickies as $sticky_post) { // Ignore sticky posts the current user cannot read or are not published. if ('publish' != $sticky_post->post_status) { continue; } array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); $sticky_offset++; } } } if (!$q['suppress_filters']) { $this->posts = apply_filters_ref_array('the_posts', array($this->posts, &$this)); } $this->post_count = count($this->posts); // Always sanitize foreach ($this->posts as $i => $post) { $this->posts[$i] = sanitize_post($post, 'raw'); } if ($q['cache_results']) { update_post_caches($this->posts, $post_type, $q['update_post_term_cache'], $q['update_post_meta_cache']); } if ($this->post_count > 0) { $this->post = $this->posts[0]; } return $this->posts; }
/** * Retrieve the posts based on query variables. * * There are a few filters and actions that can be used to modify the post * database query. * * @since 1.5.0 * @access public * * @return array List of posts. */ public function get_posts() { $this->parse_query(); /** * Fires after the query variable object is created, but before the actual query is run. * * Note: If using conditional tags, use the method versions within the passed instance * (e.g. $this->is_main_query() instead of is_main_query()). This is because the functions * like is_main_query() test against the global $wp_query instance, not the passed one. * * @since 2.0.0 * * @param WP_Query &$this The WP_Query instance (passed by reference). */ do_action_ref_array('pre_get_posts', array(&$this)); // Shorthand. $q =& $this->query_vars; // Fill again in case pre_get_posts unset some vars. $q = $this->fill_query_vars($q); // Parse meta query $this->meta_query = new WP_Meta_Query(); $this->meta_query->parse_query_vars($q); // Set a flag if a pre_get_posts hook changed the query vars. $hash = md5(serialize($this->query_vars)); if ($hash != $this->query_vars_hash) { $this->query_vars_changed = true; $this->query_vars_hash = $hash; } unset($hash); // First let's clear some variables $distinct = ''; $whichauthor = ''; $whichmimetype = ''; $where = ''; $limits = ''; $join = ''; $search = ''; $groupby = ''; $post_status_join = false; $page = 1; if (isset($q['caller_get_posts'])) { _deprecated_argument('WP_Query', '3.1.0', __('"caller_get_posts" is deprecated. 
Use "ignore_sticky_posts" instead.')); if (!isset($q['ignore_sticky_posts'])) { $q['ignore_sticky_posts'] = $q['caller_get_posts']; } } if (!isset($q['ignore_sticky_posts'])) { $q['ignore_sticky_posts'] = false; } if (!isset($q['suppress_filters'])) { $q['suppress_filters'] = false; } if (!isset($q['cache_results'])) { if (wp_using_ext_object_cache()) { $q['cache_results'] = false; } else { $q['cache_results'] = true; } } if (!isset($q['update_post_term_cache'])) { $q['update_post_term_cache'] = true; } if (!isset($q['lazy_load_term_meta'])) { $q['lazy_load_term_meta'] = $q['update_post_term_cache']; } if (!isset($q['update_post_meta_cache'])) { $q['update_post_meta_cache'] = true; } if (!isset($q['post_type'])) { if ($this->is_search) { $q['post_type'] = 'any'; } else { $q['post_type'] = ''; } } $post_type = $q['post_type']; if (empty($q['posts_per_page'])) { $q['posts_per_page'] = get_option('posts_per_page'); } if (isset($q['showposts']) && $q['showposts']) { $q['showposts'] = (int) $q['showposts']; $q['posts_per_page'] = $q['showposts']; } if (isset($q['posts_per_archive_page']) && $q['posts_per_archive_page'] != 0 && ($this->is_archive || $this->is_search)) { $q['posts_per_page'] = $q['posts_per_archive_page']; } if (!isset($q['nopaging'])) { if ($q['posts_per_page'] == -1) { $q['nopaging'] = true; } else { $q['nopaging'] = false; } } if ($this->is_feed) { // This overrides posts_per_page. 
if (!empty($q['posts_per_rss'])) { $q['posts_per_page'] = $q['posts_per_rss']; } else { $q['posts_per_page'] = get_option('posts_per_rss'); } $q['nopaging'] = false; } $q['posts_per_page'] = (int) $q['posts_per_page']; if ($q['posts_per_page'] < -1) { $q['posts_per_page'] = abs($q['posts_per_page']); } elseif ($q['posts_per_page'] == 0) { $q['posts_per_page'] = 1; } if (!isset($q['comments_per_page']) || $q['comments_per_page'] == 0) { $q['comments_per_page'] = get_option('comments_per_page'); } if ($this->is_home && (empty($this->query) || $q['preview'] == 'true') && 'page' == get_option('show_on_front') && get_option('page_on_front')) { $this->is_page = true; $this->is_home = false; $q['page_id'] = get_option('page_on_front'); } if (isset($q['page'])) { $q['page'] = trim($q['page'], '/'); $q['page'] = absint($q['page']); } // If true, forcibly turns off SQL_CALC_FOUND_ROWS even when limits are present. if (isset($q['no_found_rows'])) { $q['no_found_rows'] = (bool) $q['no_found_rows']; } else { $q['no_found_rows'] = false; } switch ($q['fields']) { case 'ids': $fields = "{$this->db->posts}.ID"; break; case 'id=>parent': $fields = "{$this->db->posts}.ID, {$this->db->posts}.post_parent"; break; default: $fields = "{$this->db->posts}.*"; } if ('' !== $q['menu_order']) { $where .= " AND {$this->db->posts}.menu_order = " . $q['menu_order']; } // The "m" parameter is meant for months but accepts datetimes of varying specificity if ($q['m']) { $where .= " AND YEAR({$this->db->posts}.post_date)=" . substr($q['m'], 0, 4); if (strlen($q['m']) > 5) { $where .= " AND MONTH({$this->db->posts}.post_date)=" . substr($q['m'], 4, 2); } if (strlen($q['m']) > 7) { $where .= " AND DAYOFMONTH({$this->db->posts}.post_date)=" . substr($q['m'], 6, 2); } if (strlen($q['m']) > 9) { $where .= " AND HOUR({$this->db->posts}.post_date)=" . substr($q['m'], 8, 2); } if (strlen($q['m']) > 11) { $where .= " AND MINUTE({$this->db->posts}.post_date)=" . 
substr($q['m'], 10, 2); } if (strlen($q['m']) > 13) { $where .= " AND SECOND({$this->db->posts}.post_date)=" . substr($q['m'], 12, 2); } } // Handle the other individual date parameters $date_parameters = array(); if ('' !== $q['hour']) { $date_parameters['hour'] = $q['hour']; } if ('' !== $q['minute']) { $date_parameters['minute'] = $q['minute']; } if ('' !== $q['second']) { $date_parameters['second'] = $q['second']; } if ($q['year']) { $date_parameters['year'] = $q['year']; } if ($q['monthnum']) { $date_parameters['monthnum'] = $q['monthnum']; } if ($q['w']) { $date_parameters['week'] = $q['w']; } if ($q['day']) { $date_parameters['day'] = $q['day']; } if ($date_parameters) { $date_query = new WP_Date_Query(array($date_parameters)); $where .= $date_query->get_sql(); } unset($date_parameters, $date_query); // Handle complex date queries if (!empty($q['date_query'])) { $this->date_query = new WP_Date_Query($q['date_query']); $where .= $this->date_query->get_sql(); } // If we've got a post_type AND it's not "any" post_type. if (!empty($q['post_type']) && 'any' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->query_var || empty($q[$ptype_obj->query_var])) { continue; } if (!$ptype_obj->hierarchical) { // Non-hierarchical post types can directly use 'name'. $q['name'] = $q[$ptype_obj->query_var]; } else { // Hierarchical post types will operate through 'pagename'. $q['pagename'] = $q[$ptype_obj->query_var]; $q['name'] = ''; } // Only one request for a slug is possible, this is why name & pagename are overwritten above. break; } //end foreach unset($ptype_obj); } if ('' !== $q['title']) { $where .= $this->db->prepare(" AND {$this->db->posts}.post_title = %s", stripslashes($q['title'])); } // Parameters related to 'post_name'. if ('' != $q['name']) { $q['name'] = sanitize_title_for_query($q['name']); $where .= " AND {$this->db->posts}.post_name = '" . $q['name'] . 
"'"; } elseif ('' != $q['pagename']) { if (isset($this->queried_object_id)) { $reqpage = $this->queried_object_id; } else { if ('page' != $q['post_type']) { foreach ((array) $q['post_type'] as $_post_type) { $ptype_obj = get_post_type_object($_post_type); if (!$ptype_obj || !$ptype_obj->hierarchical) { continue; } $reqpage = get_page_by_path($q['pagename'], OBJECT, $_post_type); if ($reqpage) { break; } } unset($ptype_obj); } else { $reqpage = get_page_by_path($q['pagename']); } if (!empty($reqpage)) { $reqpage = $reqpage->ID; } else { $reqpage = 0; } } $page_for_posts = get_option('page_for_posts'); if ('page' != get_option('show_on_front') || empty($page_for_posts) || $reqpage != $page_for_posts) { $q['pagename'] = sanitize_title_for_query(wp_basename($q['pagename'])); $q['name'] = $q['pagename']; $where .= " AND ({$this->db->posts}.ID = '{$reqpage}')"; $reqpage_obj = get_post($reqpage); if (is_object($reqpage_obj) && 'attachment' == $reqpage_obj->post_type) { $this->is_attachment = true; $post_type = $q['post_type'] = 'attachment'; $this->is_page = true; $q['attachment_id'] = $reqpage; } } } elseif ('' != $q['attachment']) { $q['attachment'] = sanitize_title_for_query(wp_basename($q['attachment'])); $q['name'] = $q['attachment']; $where .= " AND {$this->db->posts}.post_name = '" . $q['attachment'] . "'"; } elseif (is_array($q['post_name__in']) && !empty($q['post_name__in'])) { $q['post_name__in'] = array_map('sanitize_title_for_query', $q['post_name__in']); $post_name__in = "'" . implode("','", $q['post_name__in']) . "'"; $where .= " AND {$this->db->posts}.post_name IN ({$post_name__in})"; } // If an attachment is requested by number, let it supersede any post number. if ($q['attachment_id']) { $q['p'] = absint($q['attachment_id']); } // If a post number is specified, load that post if ($q['p']) { $where .= " AND {$this->db->posts}.ID = " . 
$q['p']; } elseif ($q['post__in']) { $post__in = implode(',', array_map('absint', $q['post__in'])); $where .= " AND {$this->db->posts}.ID IN ({$post__in})"; } elseif ($q['post__not_in']) { $post__not_in = implode(',', array_map('absint', $q['post__not_in'])); $where .= " AND {$this->db->posts}.ID NOT IN ({$post__not_in})"; } if (is_numeric($q['post_parent'])) { $where .= $this->db->prepare(" AND {$this->db->posts}.post_parent = %d ", $q['post_parent']); } elseif ($q['post_parent__in']) { $post_parent__in = implode(',', array_map('absint', $q['post_parent__in'])); $where .= " AND {$this->db->posts}.post_parent IN ({$post_parent__in})"; } elseif ($q['post_parent__not_in']) { $post_parent__not_in = implode(',', array_map('absint', $q['post_parent__not_in'])); $where .= " AND {$this->db->posts}.post_parent NOT IN ({$post_parent__not_in})"; } if ($q['page_id']) { if ('page' != get_option('show_on_front') || $q['page_id'] != get_option('page_for_posts')) { $q['p'] = $q['page_id']; $where = " AND {$this->db->posts}.ID = " . $q['page_id']; } } // If a search pattern is specified, load the posts that match. if (strlen($q['s'])) { $search = $this->parse_search($q); } if (!$q['suppress_filters']) { /** * Filters the search SQL that is used in the WHERE clause of WP_Query. * * @since 3.0.0 * * @param string $search Search SQL for WHERE clause. * @param WP_Query $this The current WP_Query object. 
*/ $search = apply_filters_ref_array('posts_search', array($search, &$this)); } // Taxonomies if (!$this->is_singular) { $this->parse_tax_query($q); $clauses = $this->tax_query->get_sql($this->db->posts, 'ID'); $join .= $clauses['join']; $where .= $clauses['where']; } if ($this->is_tax) { if (empty($post_type)) { // Do a fully inclusive search for currently registered post types of queried taxonomies $post_type = array(); $taxonomies = array_keys($this->tax_query->queried_terms); foreach (get_post_types(array('exclude_from_search' => false)) as $pt) { $object_taxonomies = $pt === 'attachment' ? get_taxonomies_for_attachments() : get_object_taxonomies($pt); if (array_intersect($taxonomies, $object_taxonomies)) { $post_type[] = $pt; } } if (!$post_type) { $post_type = 'any'; } elseif (count($post_type) == 1) { $post_type = $post_type[0]; } $post_status_join = true; } elseif (in_array('attachment', (array) $post_type)) { $post_status_join = true; } } /* * Ensure that 'taxonomy', 'term', 'term_id', 'cat', and * 'category_name' vars are set for backward compatibility. */ if (!empty($this->tax_query->queried_terms)) { /* * Set 'taxonomy', 'term', and 'term_id' to the * first taxonomy other than 'post_tag' or 'category'. */ if (!isset($q['taxonomy'])) { foreach ($this->tax_query->queried_terms as $queried_taxonomy => $queried_items) { if (empty($queried_items['terms'][0])) { continue; } if (!in_array($queried_taxonomy, array('category', 'post_tag'))) { $q['taxonomy'] = $queried_taxonomy; if ('slug' === $queried_items['field']) { $q['term'] = $queried_items['terms'][0]; } else { $q['term_id'] = $queried_items['terms'][0]; } // Take the first one we find. 
break; } } } // 'cat', 'category_name', 'tag_id' foreach ($this->tax_query->queried_terms as $queried_taxonomy => $queried_items) { if (empty($queried_items['terms'][0])) { continue; } if ('category' === $queried_taxonomy) { $the_cat = get_term_by($queried_items['field'], $queried_items['terms'][0], 'category'); if ($the_cat) { $this->set('cat', $the_cat->term_id); $this->set('category_name', $the_cat->slug); } unset($the_cat); } if ('post_tag' === $queried_taxonomy) { $the_tag = get_term_by($queried_items['field'], $queried_items['terms'][0], 'post_tag'); if ($the_tag) { $this->set('tag_id', $the_tag->term_id); } unset($the_tag); } } } if (!empty($this->tax_query->queries) || !empty($this->meta_query->queries)) { $groupby = "{$this->db->posts}.ID"; } // Author/user stuff if (!empty($q['author']) && $q['author'] != '0') { $q['author'] = addslashes_gpc('' . urldecode($q['author'])); $authors = array_unique(array_map('intval', preg_split('/[,\\s]+/', $q['author']))); foreach ($authors as $author) { $key = $author > 0 ? 
'author__in' : 'author__not_in'; $q[$key][] = abs($author); } $q['author'] = implode(',', $authors); } if (!empty($q['author__not_in'])) { $author__not_in = implode(',', array_map('absint', array_unique((array) $q['author__not_in']))); $where .= " AND {$this->db->posts}.post_author NOT IN ({$author__not_in}) "; } elseif (!empty($q['author__in'])) { $author__in = implode(',', array_map('absint', array_unique((array) $q['author__in']))); $where .= " AND {$this->db->posts}.post_author IN ({$author__in}) "; } // Author stuff for nice URLs if ('' != $q['author_name']) { if (strpos($q['author_name'], '/') !== false) { $q['author_name'] = explode('/', $q['author_name']); if ($q['author_name'][count($q['author_name']) - 1]) { $q['author_name'] = $q['author_name'][count($q['author_name']) - 1]; // no trailing slash } else { $q['author_name'] = $q['author_name'][count($q['author_name']) - 2]; // there was a trailing slash } } $q['author_name'] = sanitize_title_for_query($q['author_name']); $q['author'] = get_user_by('slug', $q['author_name']); if ($q['author']) { $q['author'] = $q['author']->ID; } $whichauthor .= " AND ({$this->db->posts}.post_author = " . absint($q['author']) . ')'; } // MIME-Type stuff for attachment browsing if (isset($q['post_mime_type']) && '' != $q['post_mime_type']) { $whichmimetype = wp_post_mime_type_where($q['post_mime_type'], $this->db->posts); } $where .= $search . $whichauthor . $whichmimetype; if (!empty($this->meta_query->queries)) { $clauses = $this->meta_query->get_sql('post', $this->db->posts, 'ID', $this); $join .= $clauses['join']; $where .= $clauses['where']; } $rand = isset($q['orderby']) && 'rand' === $q['orderby']; if (!isset($q['order'])) { $q['order'] = $rand ? '' : 'DESC'; } else { $q['order'] = $rand ? '' : $this->parse_order($q['order']); } // Order by. if (empty($q['orderby'])) { /* * Boolean false or empty array blanks out ORDER BY, * while leaving the value unset or otherwise empty sets the default. 
*/ if (isset($q['orderby']) && (is_array($q['orderby']) || false === $q['orderby'])) { $orderby = ''; } else { $orderby = "{$this->db->posts}.post_date " . $q['order']; } } elseif ('none' == $q['orderby']) { $orderby = ''; } elseif ($q['orderby'] == 'post__in' && !empty($post__in)) { $orderby = "FIELD( {$this->db->posts}.ID, {$post__in} )"; } elseif ($q['orderby'] == 'post_parent__in' && !empty($post_parent__in)) { $orderby = "FIELD( {$this->db->posts}.post_parent, {$post_parent__in} )"; } elseif ($q['orderby'] == 'post_name__in' && !empty($post_name__in)) { $orderby = "FIELD( {$this->db->posts}.post_name, {$post_name__in} )"; } else { $orderby_array = array(); if (is_array($q['orderby'])) { foreach ($q['orderby'] as $_orderby => $order) { $orderby = addslashes_gpc(urldecode($_orderby)); $parsed = $this->parse_orderby($orderby); if (!$parsed) { continue; } $orderby_array[] = $parsed . ' ' . $this->parse_order($order); } $orderby = implode(', ', $orderby_array); } else { $q['orderby'] = urldecode($q['orderby']); $q['orderby'] = addslashes_gpc($q['orderby']); foreach (explode(' ', $q['orderby']) as $i => $orderby) { $parsed = $this->parse_orderby($orderby); // Only allow certain values for safety. if (!$parsed) { continue; } $orderby_array[] = $parsed; } $orderby = implode(' ' . $q['order'] . ', ', $orderby_array); if (empty($orderby)) { $orderby = "{$this->db->posts}.post_date " . $q['order']; } elseif (!empty($q['order'])) { $orderby .= " {$q['order']}"; } } } // Order search results by relevance only when another "orderby" is not specified in the query. if (!empty($q['s'])) { $search_orderby = ''; if (!empty($q['search_orderby_title']) && (empty($q['orderby']) && !$this->is_feed) || isset($q['orderby']) && 'relevance' === $q['orderby']) { $search_orderby = $this->parse_search_order($q); } if (!$q['suppress_filters']) { /** * Filters the ORDER BY used when ordering search results. * * @since 3.7.0 * * @param string $search_orderby The ORDER BY clause. 
* @param WP_Query $this The current WP_Query instance. */ $search_orderby = apply_filters('posts_search_orderby', $search_orderby, $this); } if ($search_orderby) { $orderby = $orderby ? $search_orderby . ', ' . $orderby : $search_orderby; } } if (is_array($post_type) && count($post_type) > 1) { $post_type_cap = 'multiple_post_type'; } else { if (is_array($post_type)) { $post_type = reset($post_type); } $post_type_object = get_post_type_object($post_type); if (empty($post_type_object)) { $post_type_cap = $post_type; } } if (isset($q['post_password'])) { $where .= $this->db->prepare(" AND {$this->db->posts}.post_password = %s", $q['post_password']); if (empty($q['perm'])) { $q['perm'] = 'readable'; } } elseif (isset($q['has_password'])) { $where .= sprintf(" AND {$this->db->posts}.post_password %s ''", $q['has_password'] ? '!=' : '='); } if (!empty($q['comment_status'])) { $where .= $this->db->prepare(" AND {$this->db->posts}.comment_status = %s ", $q['comment_status']); } if (!empty($q['ping_status'])) { $where .= $this->db->prepare(" AND {$this->db->posts}.ping_status = %s ", $q['ping_status']); } if ('any' == $post_type) { $in_search_post_types = get_post_types(array('exclude_from_search' => false)); if (empty($in_search_post_types)) { $where .= ' AND 1=0 '; } else { $where .= " AND {$this->db->posts}.post_type IN ('" . join("', '", $in_search_post_types) . "')"; } } elseif (!empty($post_type) && is_array($post_type)) { $where .= " AND {$this->db->posts}.post_type IN ('" . join("', '", $post_type) . 
"')"; } elseif (!empty($post_type)) { $where .= " AND {$this->db->posts}.post_type = '{$post_type}'"; $post_type_object = get_post_type_object($post_type); } elseif ($this->is_attachment) { $where .= " AND {$this->db->posts}.post_type = 'attachment'"; $post_type_object = get_post_type_object('attachment'); } elseif ($this->is_page) { $where .= " AND {$this->db->posts}.post_type = 'page'"; $post_type_object = get_post_type_object('page'); } else { $where .= " AND {$this->db->posts}.post_type = 'post'"; $post_type_object = get_post_type_object('post'); } $edit_cap = 'edit_post'; $read_cap = 'read_post'; if (!empty($post_type_object)) { $edit_others_cap = $post_type_object->cap->edit_others_posts; $read_private_cap = $post_type_object->cap->read_private_posts; } else { $edit_others_cap = 'edit_others_' . $post_type_cap . 's'; $read_private_cap = 'read_private_' . $post_type_cap . 's'; } $user_id = get_current_user_id(); $q_status = array(); if (!empty($q['post_status'])) { $statuswheres = array(); $q_status = $q['post_status']; if (!is_array($q_status)) { $q_status = explode(',', $q_status); } $r_status = array(); $p_status = array(); $e_status = array(); if (in_array('any', $q_status)) { foreach (get_post_stati(array('exclude_from_search' => true)) as $status) { if (!in_array($status, $q_status)) { $e_status[] = "{$this->db->posts}.post_status <> '{$status}'"; } } } else { foreach (get_post_stati() as $status) { if (in_array($status, $q_status)) { if ('private' == $status) { $p_status[] = "{$this->db->posts}.post_status = '{$status}'"; } else { $r_status[] = "{$this->db->posts}.post_status = '{$status}'"; } } } } if (empty($q['perm']) || 'readable' != $q['perm']) { $r_status = array_merge($r_status, $p_status); unset($p_status); } if (!empty($e_status)) { $statuswheres[] = "(" . join(' AND ', $e_status) . 
")"; } if (!empty($r_status)) { if (!empty($q['perm']) && 'editable' == $q['perm'] && !current_user_can($edit_others_cap)) { $statuswheres[] = "({$this->db->posts}.post_author = {$user_id} " . "AND (" . join(' OR ', $r_status) . "))"; } else { $statuswheres[] = "(" . join(' OR ', $r_status) . ")"; } } if (!empty($p_status)) { if (!empty($q['perm']) && 'readable' == $q['perm'] && !current_user_can($read_private_cap)) { $statuswheres[] = "({$this->db->posts}.post_author = {$user_id} " . "AND (" . join(' OR ', $p_status) . "))"; } else { $statuswheres[] = "(" . join(' OR ', $p_status) . ")"; } } if ($post_status_join) { $join .= " LEFT JOIN {$this->db->posts} AS p2 ON ({$this->db->posts}.post_parent = p2.ID) "; foreach ($statuswheres as $index => $statuswhere) { $statuswheres[$index] = "({$statuswhere} OR ({$this->db->posts}.post_status = 'inherit' AND " . str_replace($this->db->posts, 'p2', $statuswhere) . "))"; } } $where_status = implode(' OR ', $statuswheres); if (!empty($where_status)) { $where .= " AND ({$where_status})"; } } elseif (!$this->is_singular) { $where .= " AND ({$this->db->posts}.post_status = 'publish'"; // Add public states. $public_states = get_post_stati(array('public' => true)); foreach ((array) $public_states as $state) { if ('publish' == $state) { // Publish is hard-coded above. continue; } $where .= " OR {$this->db->posts}.post_status = '{$state}'"; } if ($this->is_admin) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati(array('protected' => true, 'show_in_admin_all_list' => true)); foreach ((array) $admin_all_states as $state) { $where .= " OR {$this->db->posts}.post_status = '{$state}'"; } } if (is_user_logged_in()) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati(array('private' => true)); foreach ((array) $private_states as $state) { $where .= current_user_can($read_private_cap) ? 
" OR {$this->db->posts}.post_status = '{$state}'" : " OR {$this->db->posts}.post_author = {$user_id} AND {$this->db->posts}.post_status = '{$state}'"; } } $where .= ')'; } /* * Apply filters on where and join prior to paging so that any * manipulations to them are reflected in the paging by day queries. */ if (!$q['suppress_filters']) { /** * Filters the WHERE clause of the query. * * @since 1.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array('posts_where', array($where, &$this)); /** * Filters the JOIN clause of the query. * * @since 1.5.0 * * @param string $where The JOIN clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array('posts_join', array($join, &$this)); } // Paging if (empty($q['nopaging']) && !$this->is_singular) { $page = absint($q['paged']); if (!$page) { $page = 1; } // If 'offset' is provided, it takes precedence over 'paged'. if (isset($q['offset']) && is_numeric($q['offset'])) { $q['offset'] = absint($q['offset']); $pgstrt = $q['offset'] . ', '; } else { $pgstrt = absint(($page - 1) * $q['posts_per_page']) . ', '; } $limits = 'LIMIT ' . $pgstrt . $q['posts_per_page']; } // Comments feeds if ($this->is_comment_feed && !$this->is_singular) { if ($this->is_archive || $this->is_search) { $cjoin = "JOIN {$this->db->posts} ON ({$this->db->comments}.comment_post_ID = {$this->db->posts}.ID) {$join} "; $cwhere = "WHERE comment_approved = '1' {$where}"; $cgroupby = "{$this->db->comments}.comment_id"; } else { // Other non singular e.g. 
front $cjoin = "JOIN {$this->db->posts} ON ( {$this->db->comments}.comment_post_ID = {$this->db->posts}.ID )"; $cwhere = "WHERE ( post_status = 'publish' OR ( post_status = 'inherit' && post_type = 'attachment' ) ) AND comment_approved = '1'"; $cgroupby = ''; } if (!$q['suppress_filters']) { /** * Filters the JOIN clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cjoin The JOIN clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $cjoin = apply_filters_ref_array('comment_feed_join', array($cjoin, &$this)); /** * Filters the WHERE clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cwhere The WHERE clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $cwhere = apply_filters_ref_array('comment_feed_where', array($cwhere, &$this)); /** * Filters the GROUP BY clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cgroupby The GROUP BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $cgroupby = apply_filters_ref_array('comment_feed_groupby', array($cgroupby, &$this)); /** * Filters the ORDER BY clause of the comments feed query before sending. * * @since 2.8.0 * * @param string $corderby The ORDER BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $corderby = apply_filters_ref_array('comment_feed_orderby', array('comment_date_gmt DESC', &$this)); /** * Filters the LIMIT clause of the comments feed query before sending. * * @since 2.8.0 * * @param string $climits The JOIN clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $climits = apply_filters_ref_array('comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); } $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . $cgroupby : ''; $corderby = !empty($corderby) ? 'ORDER BY ' . 
$corderby : ''; $comments = (array) $this->db->get_results("SELECT {$distinct} {$this->db->comments}.* FROM {$this->db->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"); // Convert to WP_Comment $this->comments = array_map('get_comment', $comments); $this->comment_count = count($this->comments); $post_ids = array(); foreach ($this->comments as $comment) { $post_ids[] = (int) $comment->comment_post_ID; } $post_ids = join(',', $post_ids); $join = ''; if ($post_ids) { $where = "AND {$this->db->posts}.ID IN ({$post_ids}) "; } else { $where = "AND 0"; } } $pieces = array('where', 'groupby', 'join', 'orderby', 'distinct', 'fields', 'limits'); /* * Apply post-paging filters on where and join. Only plugins that * manipulate paging queries should use these hooks. */ if (!$q['suppress_filters']) { /** * Filters the WHERE clause of the query. * * Specifically for manipulating paging queries. * * @since 1.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array('posts_where_paged', array($where, &$this)); /** * Filters the GROUP BY clause of the query. * * @since 2.0.0 * * @param string $groupby The GROUP BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $groupby = apply_filters_ref_array('posts_groupby', array($groupby, &$this)); /** * Filters the JOIN clause of the query. * * Specifically for manipulating paging queries. * * @since 1.5.0 * * @param string $join The JOIN clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array('posts_join_paged', array($join, &$this)); /** * Filters the ORDER BY clause of the query. * * @since 1.5.1 * * @param string $orderby The ORDER BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). 
*/ $orderby = apply_filters_ref_array('posts_orderby', array($orderby, &$this)); /** * Filters the DISTINCT clause of the query. * * @since 2.1.0 * * @param string $distinct The DISTINCT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $distinct = apply_filters_ref_array('posts_distinct', array($distinct, &$this)); /** * Filters the LIMIT clause of the query. * * @since 2.1.0 * * @param string $limits The LIMIT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $limits = apply_filters_ref_array('post_limits', array($limits, &$this)); /** * Filters the SELECT clause of the query. * * @since 2.1.0 * * @param string $fields The SELECT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $fields = apply_filters_ref_array('posts_fields', array($fields, &$this)); /** * Filters all query clauses at once, for convenience. * * Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT, * fields (SELECT), and LIMITS clauses. * * @since 3.1.0 * * @param array $clauses The list of clauses for the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $clauses = (array) apply_filters_ref_array('posts_clauses', array(compact($pieces), &$this)); $where = isset($clauses['where']) ? $clauses['where'] : ''; $groupby = isset($clauses['groupby']) ? $clauses['groupby'] : ''; $join = isset($clauses['join']) ? $clauses['join'] : ''; $orderby = isset($clauses['orderby']) ? $clauses['orderby'] : ''; $distinct = isset($clauses['distinct']) ? $clauses['distinct'] : ''; $fields = isset($clauses['fields']) ? $clauses['fields'] : ''; $limits = isset($clauses['limits']) ? $clauses['limits'] : ''; } /** * Fires to announce the query's current selection parameters. * * For use by caching plugins. * * @since 2.3.0 * * @param string $selection The assembled selection query. */ do_action('posts_selection', $where . $groupby . $orderby . $limits . 
$join); /* * Filters again for the benefit of caching plugins. * Regular plugins should use the hooks above. */ if (!$q['suppress_filters']) { /** * Filters the WHERE clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array('posts_where_request', array($where, &$this)); /** * Filters the GROUP BY clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $groupby The GROUP BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $groupby = apply_filters_ref_array('posts_groupby_request', array($groupby, &$this)); /** * Filters the JOIN clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $join The JOIN clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array('posts_join_request', array($join, &$this)); /** * Filters the ORDER BY clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $orderby The ORDER BY clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $orderby = apply_filters_ref_array('posts_orderby_request', array($orderby, &$this)); /** * Filters the DISTINCT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $distinct The DISTINCT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $distinct = apply_filters_ref_array('posts_distinct_request', array($distinct, &$this)); /** * Filters the SELECT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $fields The SELECT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). 
*/ $fields = apply_filters_ref_array('posts_fields_request', array($fields, &$this)); /** * Filters the LIMIT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $limits The LIMIT clause of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $limits = apply_filters_ref_array('post_limits_request', array($limits, &$this)); /** * Filters all query clauses at once, for convenience. * * For use by caching plugins. * * Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT, * fields (SELECT), and LIMITS clauses. * * @since 3.1.0 * * @param array $pieces The pieces of the query. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $clauses = (array) apply_filters_ref_array('posts_clauses_request', array(compact($pieces), &$this)); $where = isset($clauses['where']) ? $clauses['where'] : ''; $groupby = isset($clauses['groupby']) ? $clauses['groupby'] : ''; $join = isset($clauses['join']) ? $clauses['join'] : ''; $orderby = isset($clauses['orderby']) ? $clauses['orderby'] : ''; $distinct = isset($clauses['distinct']) ? $clauses['distinct'] : ''; $fields = isset($clauses['fields']) ? $clauses['fields'] : ''; $limits = isset($clauses['limits']) ? $clauses['limits'] : ''; } if (!empty($groupby)) { $groupby = 'GROUP BY ' . $groupby; } if (!empty($orderby)) { $orderby = 'ORDER BY ' . $orderby; } $found_rows = ''; if (!$q['no_found_rows'] && !empty($limits)) { $found_rows = 'SQL_CALC_FOUND_ROWS'; } $this->request = $old_request = "SELECT {$found_rows} {$distinct} {$fields} FROM {$this->db->posts} {$join} WHERE 1=1 {$where} {$groupby} {$orderby} {$limits}"; if (!$q['suppress_filters']) { /** * Filters the completed SQL query before sending. * * @since 2.0.0 * * @param string $request The complete SQL query. * @param WP_Query &$this The WP_Query instance (passed by reference). 
*/ $this->request = apply_filters_ref_array('posts_request', array($this->request, &$this)); } /** * Filters the posts array before the query takes place. * * Return a non-null value to bypass WordPress's default post queries. * * Filtering functions that require pagination information are encouraged to set * the `found_posts` and `max_num_pages` properties of the WP_Query object, * passed to the filter by reference. If WP_Query does not perform a database * query, it will not have enough information to generate these values itself. * * @since 4.6.0 * * @param array|null $posts Return an array of post data to short-circuit WP's query, * or null to allow WP to run its normal queries. * @param WP_Query $this The WP_Query instance, passed by reference. */ $this->posts = apply_filters_ref_array('posts_pre_query', array(null, &$this)); if ('ids' == $q['fields']) { if (null === $this->posts) { $this->posts = $this->db->get_col($this->request); } $this->posts = array_map('intval', $this->posts); $this->post_count = count($this->posts); $this->set_found_posts($q, $limits); return $this->posts; } if ('id=>parent' == $q['fields']) { if (null === $this->posts) { $this->posts = $this->db->get_results($this->request); } $this->post_count = count($this->posts); $this->set_found_posts($q, $limits); $r = array(); foreach ($this->posts as $key => $post) { $this->posts[$key]->ID = (int) $post->ID; $this->posts[$key]->post_parent = (int) $post->post_parent; $r[(int) $post->ID] = (int) $post->post_parent; } return $r; } if (null === $this->posts) { $split_the_query = $old_request == $this->request && "{$this->db->posts}.*" == $fields && !empty($limits) && $q['posts_per_page'] < 500; /** * Filters whether to split the query. * * Splitting the query will cause it to fetch just the IDs of the found posts * (and then individually fetch each post by ID), rather than fetching every * complete row at once. One massive result vs. many small results. 
* * @since 3.4.0 * * @param bool $split_the_query Whether or not to split the query. * @param WP_Query $this The WP_Query instance. */ $split_the_query = apply_filters('split_the_query', $split_the_query, $this); if ($split_the_query) { // First get the IDs and then fill in the objects $this->request = "SELECT {$found_rows} {$distinct} {$this->db->posts}.ID FROM {$this->db->posts} {$join} WHERE 1=1 {$where} {$groupby} {$orderby} {$limits}"; /** * Filters the Post IDs SQL request before sending. * * @since 3.4.0 * * @param string $request The post ID request. * @param WP_Query $this The WP_Query instance. */ $this->request = apply_filters('posts_request_ids', $this->request, $this); $ids = $this->db->get_col($this->request); if ($ids) { $this->posts = $ids; $this->set_found_posts($q, $limits); _prime_post_caches($ids, $q['update_post_term_cache'], $q['update_post_meta_cache']); } else { $this->posts = array(); } } else { $this->posts = $this->db->get_results($this->request); $this->set_found_posts($q, $limits); } } // Convert to WP_Post objects. if ($this->posts) { $this->posts = array_map('get_post', $this->posts); } if (!$q['suppress_filters']) { /** * Filters the raw post results array, prior to status checks. * * @since 2.3.0 * * @param array $posts The post results array. * @param WP_Query &$this The WP_Query instance (passed by reference). 
*/ $this->posts = apply_filters_ref_array('posts_results', array($this->posts, &$this)); } if (!empty($this->posts) && $this->is_comment_feed && $this->is_singular) { /** This filter is documented in wp-includes/query.php */ $cjoin = apply_filters_ref_array('comment_feed_join', array('', &$this)); /** This filter is documented in wp-includes/query.php */ $cwhere = apply_filters_ref_array('comment_feed_where', array("WHERE comment_post_ID = '{$this->posts[0]->ID}' AND comment_approved = '1'", &$this)); /** This filter is documented in wp-includes/query.php */ $cgroupby = apply_filters_ref_array('comment_feed_groupby', array('', &$this)); $cgroupby = !empty($cgroupby) ? 'GROUP BY ' . $cgroupby : ''; /** This filter is documented in wp-includes/query.php */ $corderby = apply_filters_ref_array('comment_feed_orderby', array('comment_date_gmt DESC', &$this)); $corderby = !empty($corderby) ? 'ORDER BY ' . $corderby : ''; /** This filter is documented in wp-includes/query.php */ $climits = apply_filters_ref_array('comment_feed_limits', array('LIMIT ' . get_option('posts_per_rss'), &$this)); $comments_request = "SELECT {$this->db->comments}.* FROM {$this->db->comments} {$cjoin} {$cwhere} {$cgroupby} {$corderby} {$climits}"; $comments = $this->db->get_results($comments_request); // Convert to WP_Comment $this->comments = array_map('get_comment', $comments); $this->comment_count = count($this->comments); } // Check post status to determine if post should be displayed. if (!empty($this->posts) && ($this->is_single || $this->is_page)) { $status = get_post_status($this->posts[0]); if ('attachment' === $this->posts[0]->post_type && 0 === (int) $this->posts[0]->post_parent) { $this->is_page = false; $this->is_single = true; $this->is_attachment = true; } $post_status_obj = get_post_status_object($status); // If the post_status was specifically requested, let it pass through. 
if (!$post_status_obj->public && !in_array($status, $q_status)) { if (!is_user_logged_in()) { // User must be logged in to view unpublished posts. $this->posts = array(); } else { if ($post_status_obj->protected) { // User must have edit permissions on the draft to preview. if (!current_user_can($edit_cap, $this->posts[0]->ID)) { $this->posts = array(); } else { $this->is_preview = true; if ('future' != $status) { $this->posts[0]->post_date = current_time('mysql'); } } } elseif ($post_status_obj->private) { if (!current_user_can($read_cap, $this->posts[0]->ID)) { $this->posts = array(); } } else { $this->posts = array(); } } } if ($this->is_preview && $this->posts && current_user_can($edit_cap, $this->posts[0]->ID)) { /** * Filters the single post for preview mode. * * @since 2.7.0 * * @param WP_Post $post_preview The Post object. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $this->posts[0] = get_post(apply_filters_ref_array('the_preview', array($this->posts[0], &$this))); } } // Put sticky posts at the top of the posts array $sticky_posts = get_option('sticky_posts'); if ($this->is_home && $page <= 1 && is_array($sticky_posts) && !empty($sticky_posts) && !$q['ignore_sticky_posts']) { $num_posts = count($this->posts); $sticky_offset = 0; // Loop over posts and relocate stickies to the front. for ($i = 0; $i < $num_posts; $i++) { if (in_array($this->posts[$i]->ID, $sticky_posts)) { $sticky_post = $this->posts[$i]; // Remove sticky from current position array_splice($this->posts, $i, 1); // Move to front, after other stickies array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); // Increment the sticky offset. The next sticky will be placed at this offset. $sticky_offset++; // Remove post from sticky posts array $offset = array_search($sticky_post->ID, $sticky_posts); unset($sticky_posts[$offset]); } } // If any posts have been excluded specifically, Ignore those that are sticky. 
if (!empty($sticky_posts) && !empty($q['post__not_in'])) { $sticky_posts = array_diff($sticky_posts, $q['post__not_in']); } // Fetch sticky posts that weren't in the query results if (!empty($sticky_posts)) { $stickies = get_posts(array('post__in' => $sticky_posts, 'post_type' => $post_type, 'post_status' => 'publish', 'nopaging' => true)); foreach ($stickies as $sticky_post) { array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); $sticky_offset++; } } } // If comments have been fetched as part of the query, make sure comment meta lazy-loading is set up. if (!empty($this->comments)) { wp_queue_comments_for_comment_meta_lazyload($this->comments); } if (!$q['suppress_filters']) { /** * Filters the array of retrieved posts after they've been fetched and * internally processed. * * @since 1.5.0 * * @param array $posts The array of retrieved posts. * @param WP_Query &$this The WP_Query instance (passed by reference). */ $this->posts = apply_filters_ref_array('the_posts', array($this->posts, &$this)); } // Ensure that any posts added/modified via one of the filters above are // of the type WP_Post and are filtered. if ($this->posts) { $this->post_count = count($this->posts); $this->posts = array_map('get_post', $this->posts); if ($q['cache_results']) { update_post_caches($this->posts, $post_type, $q['update_post_term_cache'], $q['update_post_meta_cache']); } $this->post = reset($this->posts); } else { $this->post_count = 0; $this->posts = array(); } if ($q['lazy_load_term_meta']) { wp_queue_posts_for_term_meta_lazyload($this->posts); } return $this->posts; }
/**
 * Automatic alias for subpost: turns the value into an attachment lookup.
 *
 * Only the base name of $value is kept, and it is normalised to slug form
 * before being stored in the query vars.
 *
 * @param Query $query Query object; flagged as a single-item query.
 * @param mixed $value Raw value to look the attachment up by.
 * @param array $q     Query vars, modified in place.
 */
public static function argAttachment(Query $query, $value, &$q)
{
    $slug = sanitize_title_for_query(wp_basename($value));

    // The attachment slug doubles as the post name.
    $q['attachment'] = $slug;
    $q['name'] = $slug;
    $q['post_type'] = 'attachment';

    $query->isSingle = true;
}
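/**
 * Use specific query args present in the URL to alter the mm_posts query.
 *
 * Every value is read from $_GET and is therefore untrusted: integer
 * parameters are cast to int, the tag slug is normalised with
 * sanitize_title_for_query(), and non-scalar values (e.g. `?tag[]=x`)
 * are ignored instead of being cast or passed to the sanitizer.
 *
 * NOTE(review): per_page is not range-checked here. WP_Query treats a
 * posts_per_page of -1 as "no limit", so callers exposed to anonymous
 * traffic may want to clamp the value.
 *
 * @since 1.0.0
 *
 * @param array $query_args The original query args.
 * @param array $args       The instance args.
 *
 * @return array $query_args The updated query args.
 */
function mm_posts_filter_from_query_args($query_args, $args)
{
    if (isset($_GET['per_page']) && is_scalar($_GET['per_page'])) {
        $query_args['posts_per_page'] = (int) $_GET['per_page'];
    }

    // Pagination is driven by the `page` query var, not by $_GET directly.
    if (!empty($args['pagination']) && get_query_var('page')) {
        $query_args['paged'] = (int) get_query_var('page');
    }

    if (isset($_GET['author']) && is_scalar($_GET['author'])) {
        $query_args['author'] = (int) $_GET['author'];
    }

    if (isset($_GET['cat']) && is_scalar($_GET['cat'])) {
        $query_args['cat'] = (int) $_GET['cat'];
    }

    if (isset($_GET['tag']) && is_scalar($_GET['tag'])) {
        $query_args['tag'] = sanitize_title_for_query($_GET['tag']);
    }

    if (isset($_GET['tag_id']) && is_scalar($_GET['tag_id'])) {
        $query_args['tag_id'] = (int) $_GET['tag_id'];
    }

    return $query_args;
}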
/**
 * Filter on `posts_clauses` that works around core WP expecting hierarchical
 * post types to have hierarchical permalinks. Forums are meant to be flat, so
 * on single forum views the "where" clause is replaced with a lookup by post
 * name and post type.
 *
 * The replacement clause is built with $wpdb->prepare(); the forum name is
 * additionally normalised to slug form first.
 *
 * NOTE(review): the whole "where" clause is overwritten, so any conditions
 * that were in it before this filter ran are dropped — confirm that post
 * visibility for single forum views is enforced elsewhere.
 *
 * @since  1.0.0
 * @access public
 * @param  array  $clauses
 * @param  object $query
 * @return array
 */
function mb_posts_clauses($clauses, $query)
{
    global $wpdb;

    $forum_type = mb_get_forum_post_type();

    // Only act when the forum query var is set ...
    if (!$query->get($forum_type)) {
        return $clauses;
    }

    // ... and the query is for exactly the forum post type.
    if (!$query->get('post_type') || $forum_type !== $query->get('post_type')) {
        return $clauses;
    }

    $forum_slug = sanitize_title_for_query($query->get($forum_type));

    $clauses['where'] = $wpdb->prepare(" AND {$wpdb->posts}.post_name = %s AND {$wpdb->posts}.post_type = %s", $forum_slug, $forum_type);

    return $clauses;
}
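/**
 * Helper function to get a WordPress page ID from the pagename.
 *
 * The slug is bound through $wpdb->prepare() rather than concatenated into
 * the statement: sanitize_title_for_query() normalises a title to slug form,
 * it is not an SQL-escaping function, so the query should not depend on its
 * output happening to be quote-free.
 *
 * @param  string $pagename Page Slug
 * @return int Page/Post ID as returned by $wpdb->get_var() (null when no row matches).
 */
function get_id_from_pagename($pagename = '')
{
    global $wpdb;

    $slug = sanitize_title_for_query($pagename);

    $page_id = $wpdb->get_var(
        $wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_name = %s", $slug)
    );

    return $page_id;
}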
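/**
 * Return all subscribers id
 *
 * The result is cached in the 'ap_subscribers_ids' group under a key built
 * from the three arguments. All values reach the database as bound
 * parameters of a single $wpdb->prepare() call; activity names are still
 * normalised with sanitize_title_for_query() so they match the same rows as
 * before, but that normalisation is no longer what keeps the SQL well-formed.
 *
 * @param  integer|false $item_id     Item id, or false to match any item.
 * @param  string|array  $activity    Activity type, or a list of types.
 * @param  integer       $question_id Question id, or 0 to match any question.
 * @return array Ids of subscribed user.
 */
function ap_subscriber_ids($item_id = false, $activity = 'q_all', $question_id = 0)
{
    global $wpdb;

    $activity_k = is_array($activity) ? implode('::', $activity) : $activity;
    $key = $item_id . '::' . $activity_k . '::' . $question_id;

    $cache = wp_cache_get($key, 'ap_subscribers_ids');
    if (false !== $cache) {
        return $cache;
    }

    // An empty activity list cannot match any subscription; previously the
    // empty array itself was handed to the sanitizer.
    $activities = array_values((array) $activity);
    if (0 === count($activities)) {
        return array();
    }
    $activities = array_map('sanitize_title_for_query', $activities);

    $conditions = array();
    $params = array();

    if (false !== $item_id) {
        $conditions[] = 'subs_item_id = %d';
        $params[] = $item_id;
    }

    // One %s placeholder per activity keeps the IN() list fully parameterised.
    $conditions[] = 'subs_activity IN (' . implode(', ', array_fill(0, count($activities), '%s')) . ')';
    $params = array_merge($params, $activities);

    if (0 != $question_id) {
        $conditions[] = 'subs_question_id = %d';
        $params[] = $question_id;
    }

    $sql = 'SELECT subs_user_id FROM ' . $wpdb->ap_subscribers . ' WHERE ' . implode(' AND ', $conditions) . ' GROUP BY subs_user_id';

    $results = $wpdb->get_col($wpdb->prepare($sql, $params));

    wp_cache_set($key, $results, 'ap_subscribers_ids');

    return $results;
}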
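/**
 * Count the approved 'st_reviews' comments the current user has left on a post.
 *
 * Both ids are bound as integers through $wpdb->prepare(). The post id was
 * previously passed through sanitize_title_for_query() and concatenated
 * between quotes; that function produces slugs and is not an SQL escaper.
 *
 * @param  int|false $post_id Post to count for; falls back to get_the_ID().
 * @return string|null Count as returned by $wpdb->get_var().
 */
static function count_user_comment($post_id = false)
{
    global $wpdb;

    if (!$post_id) {
        $post_id = get_the_ID();
    }

    $user_id = get_current_user_id();

    $query = $wpdb->prepare(
        "SELECT count({$wpdb->comments}.comment_ID) as total from {$wpdb->comments} where 1=1"
        . " and `comment_type`='st_reviews'"
        . " and comment_post_ID=%d"
        . " and user_id=%d"
        . " and comment_approved=1",
        $post_id,
        $user_id
    );

    return $wpdb->get_var($query);
}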
<?php // Template Name: Signage $location = isset($_GET['loc']) ? intval($_GET['loc']) : ''; $faire = isset($_GET['faire']) ? $_GET['faire'] : 'ny15'; if (!isset($_GET['description'])) { $short_description = true; } else { $short_description = false; } $orderBy = isset($_GET['orderBy']) ? $_GET['orderBy'] : ''; if (isset($_GET['day'])) { $day = sanitize_title_for_query($_GET['day']); } if (!empty($location)) { $term = get_term_by('name', $location, 'location'); } /** * Get our schedule stuff * @param String $location [description] * @return [type] [description] */ function get_schedule_list($location, $short_description = false, $day_set = '', $faire = 'ny15') { global $orderBy; global $wpdb; $output = ''; //retrieve Data $sql = "SELECT DAYNAME(schedule.start_dt) as Day,\n DATE_FORMAT(schedule.start_dt,'%h:%i %p') as 'Start Time',\n DATE_FORMAT(schedule.end_dt,'%h:%i %p') as 'End Time', \n if(subarea.niceName = '' or subarea.niceName is null,subarea.subarea,subarea.niceName) as nicename, \n area.area, entity.presentation_title as 'Exhibit',\n (select group_concat( distinct concat(maker.`FIRST NAME`,' ',maker.`LAST NAME`) separator ', ') as Makers\n from wp_mf_maker maker, \n wp_mf_maker_to_entity maker_to_entity\n where schedule.entry_id = maker_to_entity.entity_id AND\n maker_to_entity.maker_id = maker.maker_id AND\n maker_to_entity.maker_type != 'Contact' \n group by maker.lead_id\n ) as Presenters \n\n FROM wp_mf_schedule schedule\n join wp_mf_entity entity on \n schedule.entry_id = entity.lead_id and \n entity.status = 'Accepted' \n join wp_mf_location location on \n schedule.location_id = location.ID and\n schedule.entry_id = location.entry_id\n join wp_mf_faire_subarea subarea on\n location.subarea_id = subarea.id\n join wp_mf_faire_area area on \n subarea.area_id = area.id\n\n where schedule.faire = '" . $faire . "' \n \n " . ($day_set != '' ? " and DAYNAME(`schedule`.`start_dt`)='" . ucfirst($day_set) . 
"'" : ''); if ($orderBy == 'time') { $sql .= " order by schedule.start_dt ASC, schedule.end_dt ASC, nicename ASC, 'Exhibit' ASC";
/**
 * Sanitize user inputted options before saving them
 *
 * Dispatches on $sanitize_type; every branch runs a WordPress sanitizer
 * first and stripslashes() on its result. Unknown types fall back to
 * sanitize_key().
 *
 * Note that 'sanitize_url' does not validate a URL: it applies
 * sanitize_key() and then removes hyphens. None of these branches is an
 * SQL-escaping step.
 *
 * @since 1.3
 * @param  string $sanitize_type takes type of sanitization to be performed over plain_text
 * @param  string $plain_text    takes the plain_text inputted by user using some form in SSW
 * @return string|array sanitized value; an array for the two 'to_array_*' types
 */
public function ssw_sanitize_option($sanitize_type, $plain_text)
{
    switch ($sanitize_type) {
        case 'to_array_on_eol':
            // One trimmed entry per line.
            return array_map('trim', explode("\n", stripslashes(wp_kses_post($plain_text))));

        case 'to_array_on_comma':
            // One trimmed entry per comma-separated item.
            return array_map('trim', explode(",", stripslashes(wp_kses_post($plain_text))));

        case 'allow_html':
            return stripslashes(wp_kses_post($plain_text));

        case 'sanitize_field':
        case 'sanitize_text_field':
            return stripslashes(sanitize_text_field($plain_text));

        case 'sanitize_url':
            return str_replace('-', '', stripslashes(sanitize_key($plain_text)));

        case 'sanitize_email':
            return stripslashes(sanitize_email($plain_text));

        case 'sanitize_title_for_query':
            return stripslashes(sanitize_title_for_query($plain_text));

        case 'sanitize_key':
        default:
            return stripslashes(sanitize_key($plain_text));
    }
}
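/**
 * Record the current visitor in the "user online" table.
 *
 * Does nothing when the feature is switched off or inside wp-admin.
 * Looks for an existing row for this IP (and, on singular views, this item)
 * and either refreshes its timestamp or inserts a new row.
 *
 * The item id is bound as %d instead of being concatenated unquoted after
 * sanitize_title_for_query(), which is a slug normaliser rather than an SQL
 * escaper. The IP is bound as %s in all three statements; the lookup used
 * %d while the UPDATE and INSERT used %s.
 * NOTE(review): confirm what STInput::ip_address() returns — %s is correct
 * for a dotted string and still matches if the value is numeric.
 *
 * @return void
 */
static function _update_user_online()
{
    if (!self::$is_working || is_admin()) {
        return;
    }

    global $wpdb;

    $table_name = $wpdb->prefix . self::$useronline;
    $intIp = STInput::ip_address();
    $item_id = is_singular() ? (int) get_the_ID() : 0;

    // Shared WHERE for the lookup and the update, with its bound values.
    $where = 'ip=%s';
    $where_args = array($intIp);
    if ($item_id) {
        $where .= ' AND item_id=%d';
        $where_args[] = $item_id;
    }

    $ip_exists = $wpdb->get_results(
        $wpdb->prepare("SELECT * FROM {$table_name} WHERE {$where}", $where_args)
    );

    if (!empty($ip_exists) && is_array($ip_exists)) {
        $wpdb->query(
            $wpdb->prepare(
                "UPDATE {$table_name} SET dt=%d WHERE {$where}",
                array_merge(array(time()), $where_args)
            )
        );
    } else {
        $wpdb->query(
            $wpdb->prepare(
                "INSERT INTO {$table_name} (ip,dt,item_id) values(%s,%d,%d)",
                $intIp,
                time(),
                $item_id
            )
        );
    }
}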
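/**
 * Count the published posts in a language, optionally narrowed by query args.
 *
 * Counts for all languages are computed in one grouped query and cached in
 * the 'pll_count_posts' group under a hash of the parsed args.
 *
 * The post types come from the caller-supplied $args and end up inside a
 * quoted IN() list, so they are passed through esc_sql() before being
 * joined; every other variable part is bound with $wpdb->prepare().
 *
 * @param  object $lang Language object; its term_taxonomy_id selects the count.
 * @param  array  $args Optional query args: post_type, m, year, monthnum, day,
 *                      author_name, author, post_format.
 * @return int|string Number of posts, 0 when there is no count for the language.
 */
public function count_posts($lang, $args = array())
{
    global $wpdb;

    $q = wp_parse_args($args, array('post_type' => 'post'));
    if (!is_array($q['post_type'])) {
        $q['post_type'] = array($q['post_type']);
    }

    $cache_key = md5(serialize($q));
    $counts = wp_cache_get($cache_key, 'pll_count_posts');

    if (false === $counts) {
        // Start from an array so rows are not written into `false`.
        $counts = array();

        $select = "SELECT pll_tr.term_taxonomy_id, COUNT(*) AS num_posts FROM {$wpdb->posts} AS p";
        $join = $this->join_clause('post');
        $where = " WHERE post_status = 'publish'";
        $where .= " AND p.post_type IN ('" . join("', '", esc_sql($q['post_type'])) . "')";
        $where .= $this->where_clause($this->get_languages_list(), 'post');
        $groupby = " GROUP BY pll_tr.term_taxonomy_id";

        if (!empty($q['m'])) {
            // `m` is YYYY, YYYYMM or YYYYMMDD; keep digits only.
            $q['m'] = '' . preg_replace('|[^0-9]|', '', $q['m']);
            $where .= $wpdb->prepare(" AND YEAR(p.post_date) = %d", substr($q['m'], 0, 4));
            if (strlen($q['m']) > 5) {
                $where .= $wpdb->prepare(" AND MONTH(p.post_date) = %d", substr($q['m'], 4, 2));
            }
            if (strlen($q['m']) > 7) {
                $where .= $wpdb->prepare(" AND DAYOFMONTH(p.post_date) = %d", substr($q['m'], 6, 2));
            }
        }

        if (!empty($q['year'])) {
            $where .= $wpdb->prepare(" AND YEAR(p.post_date) = %d", $q['year']);
        }

        if (!empty($q['monthnum'])) {
            $where .= $wpdb->prepare(" AND MONTH(p.post_date) = %d", $q['monthnum']);
        }

        if (!empty($q['day'])) {
            $where .= $wpdb->prepare(" AND DAYOFMONTH(p.post_date) = %d", $q['day']);
        }

        if (!empty($q['author_name'])) {
            // Resolve the author slug to an id; an unknown slug adds no filter.
            $author = get_user_by('slug', sanitize_title_for_query($q['author_name']));
            if ($author) {
                $q['author'] = $author->ID;
            }
        }

        if (!empty($q['author'])) {
            $where .= $wpdb->prepare(" AND p.post_author = %d", $q['author']);
        }

        if (!empty($q['post_format'])) {
            $join .= " INNER JOIN {$wpdb->term_relationships} AS tr ON tr.object_id = p.ID";
            $join .= " INNER JOIN {$wpdb->term_taxonomy} AS tt ON tt.term_taxonomy_id = tr.term_taxonomy_id";
            $join .= " INNER JOIN {$wpdb->terms} AS t ON t.term_id = tt.term_id";
            $where .= $wpdb->prepare(" AND t.slug = %s", $q['post_format']);
        }

        $res = $wpdb->get_results($select . $join . $where . $groupby, ARRAY_A);
        foreach ((array) $res as $row) {
            $counts[$row['term_taxonomy_id']] = $row['num_posts'];
        }

        wp_cache_set($cache_key, $counts, 'pll_count_posts');
    }

    return empty($counts[$lang->term_taxonomy_id]) ? 0 : $counts[$lang->term_taxonomy_id];
}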
/**
 * Get all Term data from database by Term field and data.
 *
 * For 'slug' the value is normalised with sanitize_title_for_query() and an
 * empty result returns false. For 'name' the value is assumed to arrive
 * slashed and is run through stripslashes(). Any other $field is treated as
 * an id lookup and delegated to get_term() with the value cast to int.
 *
 * For 'slug' and 'name' the taxonomy and the value are bound with
 * $wpdb->prepare(); the column name placed in the statement is one of the
 * two literals set below, never caller input.
 *
 * @package WordPress
 * @subpackage Taxonomy
 * @since 2.3.0
 *
 * @uses $wpdb
 * @uses sanitize_term() Cleanses the term based on $filter context before returning.
 * @see sanitize_term_field() The $context param lists the available values for get_term_by() $filter param.
 *
 * @param string     $field    Either 'slug', 'name', or 'id'
 * @param string|int $value    Search for this term value
 * @param string     $taxonomy Taxonomy Name
 * @param string     $output   Constant OBJECT, ARRAY_A, or ARRAY_N
 * @param string     $filter   Optional, default is raw or no WordPress defined filter will applied.
 * @return mixed Term Row from database. Will return false if $taxonomy does not exist or $term was not found.
 */
function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw')
{
    global $wpdb;

    if (!taxonomy_exists($taxonomy)) {
        return false;
    }

    // Anything that is neither a slug nor a name lookup goes by id.
    if ('slug' != $field && 'name' != $field) {
        return get_term((int) $value, $taxonomy, $output, $filter);
    }

    if ('slug' == $field) {
        $column = 't.slug';
        $value = sanitize_title_for_query($value);
        if (empty($value)) {
            return false;
        }
    } else {
        // Assume already escaped
        $value = stripslashes($value);
        $column = 't.name';
    }

    $sql = $wpdb->prepare("SELECT t.*, tt.* FROM {$wpdb->terms} AS t INNER JOIN {$wpdb->term_taxonomy} AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND {$column} = %s LIMIT 1", $taxonomy, $value);
    $term = $wpdb->get_row($sql);
    if (!$term) {
        return false;
    }

    wp_cache_add($term->term_id, $term, $taxonomy);

    $term = apply_filters('get_term', $term, $taxonomy);
    $term = apply_filters("get_{$taxonomy}", $term, $taxonomy);
    $term = sanitize_term($term, $taxonomy, $filter);

    // OBJECT is checked first; unknown output formats also get the object.
    if ($output != OBJECT) {
        if ($output == ARRAY_A) {
            return get_object_vars($term);
        }
        if ($output == ARRAY_N) {
            return array_values(get_object_vars($term));
        }
    }

    return $term;
}
/**
 * Get the active tab. If the page isn't provided, the function
 * will return the first tab name
 *
 * The requested name comes from $_REQUEST['panel_page'] and is only
 * normalised to slug form; it is not checked against the configured tabs
 * here, so callers should treat the return value as a lookup key that may
 * not exist.
 *
 * @return string
 * @access protected
 */
public function _get_tab()
{
    $requested = '';
    if (!empty($_REQUEST['panel_page'])) {
        $requested = sanitize_title_for_query($_REQUEST['panel_page']);
    }

    $tab_names = array_keys($this->options);

    if (empty($requested)) {
        return $tab_names[0];
    }

    return $requested;
}
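<?php
/*
 * Insert from Step 1 data into SSW's table in database.
 *
 * Runs only when the form posted a non-empty `ssw_next_stage`. If the user
 * has no unfinished wizard row yet, one is inserted with the chosen site
 * usage and next stage.
 *
 * NOTE(review): no nonce or capability check is visible in this fragment;
 * confirm the including code verifies one before this runs.
 */
if (isset($_POST['ssw_next_stage']) && $_POST['ssw_next_stage'] != '') {
    /*
     * sanitize_title_for_query() only normalises these values to slug form.
     * What makes them safe inside the statements below is binding them
     * through $wpdb->prepare().
     */
    $site_usage = sanitize_title_for_query(isset($_POST['ssw_site_usage']) ? $_POST['ssw_site_usage'] : '');
    $this->ssw_debug_log('step1_process', 'site_usage', $site_usage);

    $next_stage = sanitize_title_for_query($_POST['ssw_next_stage']);
    $this->ssw_debug_log('step1_process', 'next_stage', $next_stage);

    $starttime = current_time('mysql');
    $endtime = $starttime;

    // The user id is bound as an integer instead of being concatenated.
    $previously_inserted = $wpdb->get_var(
        $wpdb->prepare(
            "SELECT COUNT(*) FROM {$ssw_main_table} WHERE user_id = %d and wizard_completed = false",
            $current_user_id
        )
    );
    $this->ssw_log_sql_error($wpdb->last_error);
    $this->ssw_debug_log('step1_process', 'previously_inserted', $previously_inserted);

    if ($previously_inserted == 0) {
        $result = $wpdb->query(
            $wpdb->prepare(
                "Insert into {$ssw_main_table} (user_id, site_usage, next_stage, starttime, endtime)
                Values (%d, %s, %s, %s, %s)",
                $current_user_id,
                $site_usage,
                $next_stage,
                $starttime,
                $endtime
            )
        );
        $this->ssw_log_sql_error($wpdb->last_error);

        // $wpdb->query() reports failure by returning false, not a WP_Error,
        // so the previous is_wp_error() test could never show this message.
        if (false === $result) {
            $error_string = 'Please select a proper use case for your site';
            echo '<div id="message" class="error"><p>' . $error_string . '</p></div>';
        }
    }
}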
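/**
 * sets up the filters for the promotions scope selector
 *
 * Builds the category select, start/end date inputs, event title input and
 * the "include expired" checkbox, pre-filled from $_REQUEST.
 *
 * Request values echoed back into `value="..."` attributes are passed
 * through esc_attr() at the point of output; sanitize_title_for_query() on
 * the title is kept for its slug normalisation but is not an HTML escaper.
 * Dates that strtotime() cannot parse are shown as empty instead of being
 * formatted from a false timestamp.
 *
 * @since 1.0.0
 * @return string
 */
protected function _get_applies_to_filters()
{
    EE_Registry::instance()->load_helper('Form_Fields');

    //categories
    $categories = get_terms('espresso_event_categories', array('hide_empty' => FALSE, 'fields' => 'id=>name'));
    $cat_values = array(
        array('text' => __('Include all categories', 'event_espresso'), 'id' => 0),
    );
    $default = !empty($_REQUEST['EVT_CAT_ID']) ? absint($_REQUEST['EVT_CAT_ID']) : '';
    // get_terms() can hand back a WP_Error; only iterate a real list.
    if (is_array($categories)) {
        foreach ($categories as $id => $name) {
            $cat_values[] = array('text' => $name, 'id' => $id);
        }
    }
    $cat_filter = '<label for="EVT_CAT_ID" class="ee-promotions-filter-lbl">' . __('event categories', 'event_espresso') . '</label>';
    $cat_filter .= EEH_Form_Fields::select_input('EVT_CAT_ID', $cat_values, $default);

    //start date
    $start_ts = (!empty($_REQUEST['EVT_start_date_filter']) && is_string($_REQUEST['EVT_start_date_filter']))
        ? strtotime($_REQUEST['EVT_start_date_filter'])
        : false;
    $existing_start_date = false !== $start_ts ? date('Y-m-d h:i a', $start_ts) : '';
    $start_date_filter = '<label for="EVT_start_date_filter" class="ee-promotions-filter-lbl">' . __('start date', 'event_espresso') . '</label>';
    $start_date_filter .= '<input data-context="start" data-container="scope" data-next-field="#EVT_end_date_filter" type="text" id="EVT_start_date_filter" name="EVT_start_date_filter" class="promotions-date-filter ee-text-inp ee-datepicker" value="' . esc_attr($existing_start_date) . '"><span class="dashicons dashicons-calendar"></span><span class="dashicons dashicons-editor-removeformatting ee-clear-field" data-clearField="#EVT_start_date_filter"></span>';

    //end date
    $end_ts = (!empty($_REQUEST['EVT_end_date_filter']) && is_string($_REQUEST['EVT_end_date_filter']))
        ? strtotime($_REQUEST['EVT_end_date_filter'])
        : false;
    $existing_end_date = false !== $end_ts ? date('Y-m-d h:i a', $end_ts) : '';
    $end_date_filter = '<label for="EVT_end_date_filter" class="ee-promotions-filter-lbl">' . __('end date', 'event_espresso') . '</label>';
    $end_date_filter .= '<input data-context="end" data-container="scope" data-next-field="#EVT_title_filter" type="text" id="EVT_end_date_filter" name="EVT_end_date_filter" class="promotions-date-filter ee-text-inp ee-datepicker" value="' . esc_attr($existing_end_date) . '"><span class="dashicons dashicons-calendar"></span><span class="dashicons dashicons-editor-removeformatting ee-clear-field" data-clearField="#EVT_end_date_filter"></span>';

    //event name
    $existing_name = (!empty($_REQUEST['EVT_title_filter']) && is_string($_REQUEST['EVT_title_filter']))
        ? sanitize_title_for_query($_REQUEST['EVT_title_filter'])
        : '';
    $event_title_filter = '<label for="EVT_title_filter" class="ee-promotions-filter-lbl">' . __('event title', 'event_espresso') . '</label>';
    $event_title_filter .= '<input type="text" id="EVT_title_filter" name="EVT_title_filter" class="promotions-general-filter ee-text-inp" value="' . esc_attr($existing_name) . '" placeholder="' . __('Event Title Filter', 'event_espresso') . '">';

    //include expired events
    $expired_checked = isset($_REQUEST['include_expired_events_filter']) ? " checked=checked" : '';
    $include_expired_filter = '<div class="jst-rght"><label for="include-expired-events-filter" class="ee-promotions-filter-lbl single-line-filter-label">' . __('Include expired events?', 'event_espresso');
    $include_expired_filter .= ' <input type="checkbox" id="include-expired-events-filter" name="include_expired_events_filter" class="promotions-general-filter ee-checkbox-inp" value="1"' . $expired_checked . '></label></div>';

    return $cat_filter . '<br>' . $start_date_filter . '<br>' . $end_date_filter . '<br>' . $event_title_filter . '<br>' . $include_expired_filter . '<div style="clear: both"></div>';
}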
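/**
 * Fetch the single record whose post has the given slug and this model's post type.
 *
 * The slug is normalised with sanitize_title_for_query() and then bound
 * through $wpdb->prepare(), which is the only escaping step. The earlier
 * esc_sql() call in front of prepare() escaped the value a second time, and
 * its output was then fed to the slug sanitizer, so whatever esc_sql() added
 * was altered or stripped before the lookup.
 *
 * @param  string $slug Post slug to look up.
 * @return mixed|null The matching row when exactly one is found, otherwise null.
 */
public function get_by_slug($slug)
{
    global $wpdb;

    $slug = sanitize_title_for_query($slug);

    $sql = $wpdb->prepare(
        "SELECT *
        FROM {$this->prefix()}posts AS p
        JOIN {$this->table_name} AS a ON a.{$this->primary_key} = p.ID
        WHERE post_name = %s AND
        post_type = %s;",
        $slug,
        $this->post_type
    );

    $data = $this->run_sql($sql);

    // A failed query may not return something countable; treat that as "not found".
    if ((is_array($data) || $data instanceof Countable) && count($data) == 1) {
        return $data[0];
    }

    return null;
}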