/**
* Create an array to store the which records by visibility the user can edit.
* This is done to prevent deleting any records the user isn't permitted view.
*
* @access private
* @since 8.2.6
*
* @global $wpdb
*
* @uses cnEntry_DB::sanitizeID()
* @uses wpdb::query()
*
* @param string $table The table from which to delete the rows from.
* @param array $data An array of unique ID/s to delete from the defined table.
*/
private function upsertDelete($table, $data)
{
/** @var wpdb $wpdb */
global $wpdb;
$permitted = array();
$where = array('WHERE 1=1');
$where[] = 'AND `entry_id` = "' . $this->id . '"';
if (current_user_can('connections_view_public')) {
$permitted[] = 'public';
}
if (current_user_can('connections_view_private')) {
$permitted[] = 'private';
}
if (current_user_can('connections_view_unlisted')) {
$permitted[] = 'unlisted';
}
if (!empty($permitted)) {
$where[] = 'AND `visibility` IN (\'' . implode('\', \'', $permitted) . '\')';
}
$id = cnSanitize::id($data);
if (!empty($id)) {
$where[] = 'AND `id` NOT IN ( ' . implode(', ', $id) . ' )';
}
$wpdb->query("DELETE FROM `{$table}` " . implode(' ', $where));
}
