Navigation

← Previous Changeset
Next Changeset →

Changeset 6240

Timestamp:

10/13/07 02:36:38 (11 months ago)

Author:

markjaquith

Message:

Forget about 4th update() param -- only accept named array. Roll out more insert()/update() and various cleanups.

Files:

trunk/wp-includes/post.php (modified) (13 diffs)
trunk/wp-includes/wp-db.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/wp-includes/post.php

r6238	r6240
260	260	//
261	261
262		function add_post_meta($post_id, $key, $value, $unique = false) {
263		global $wpdb;
264
265		if ( $unique ) {
266		// expected_slashed ($key)
267		if ( $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {
268		return false;
269		}
270		}
	262	function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) {
	263	global $wpdb;
	264
	265	// expected_slashed ($meta_key)
	266	$meta_key = stripslashes($meta_key);
	267
	268	if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) )
	269	return false;
271	270
272	271	$cache = wp_cache_get($post_id, 'post_meta');
273	272	if ( ! is_array($cache) )
274	273	$cache = array();
275		$cache[$key][] = $value;
	274	// expected_slashed ($meta_key)
	275	$cache[$wpdb->escape($meta_key)][] = $meta_value;
276	276
277	277	wp_cache_set($post_id, $cache, 'post_meta');
278	278
279		$value = maybe_serialize($value);
280
281		// expected_slashed ($key)
282		$wpdb->query($wpdb->prepare("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES (%d,'$key',%s)", $post_id, $value));
283
	279	$meta_value = maybe_serialize($meta_value);
	280
	281	$wpdb->insert( $wpdb->postmeta, compact( 'post_id', 'meta_key', 'meta_value' ) );
284	282	return true;
285	283	}
…	…
288	286	global $wpdb;
289	287
290		if ( empty($value) ) {
291		// expected_slashed ($key)
292		$meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
293		} else {
294		// expected_slashed ($key, $value)
295		$meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
296		}
	288	$post_id = absint( $post_id );
	289
	290	// expected_slashed ($key, $value)
	291	$key = stripslashes( $key );
	292	$value = stripslashes( $value );
	293
	294	if ( empty( $value ) )
	295	$meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) );
	296	else
	297	$meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) );
297	298
298	299	if ( !$meta_id )
299	300	return false;
300	301
301		if ( empty($value) ) {
302		// expected_slashed ($key)
303		$wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
304		} else {
305		// expected_slashed ($key, $value)
306		$wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
307		}
	302	if ( empty( $value ) )
	303	$wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) );
	304	else
	305	$wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) );
308	306
309	307	wp_cache_delete($post_id, 'post_meta');
…	…
342	340	}
343	341
344		function update_post_meta($post_id, $~~key, $~~value, $prev_value = '') {
345		global $wpdb;
346
347		$original_value = $value;
348		$~~value = maybe_serialize($~~value);
	342	function update_post_meta($post_id, $meta_key, $meta_value, $prev_value = '') {
	343	global $wpdb;
	344
	345	$original_value = $meta_value;
	346	$meta_value = maybe_serialize($meta_value);
349	347
350	348	$original_prev = $prev_value;
351	349	$prev_value = maybe_serialize($prev_value);
352	350
353		// expected_slashed ($key)
354		~~if (! $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {~~
355		return false;
356		}
357
358		if ( empty($prev_value) ) {
359		~~// expected_slashed ($key)~~
360		~~$wpdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d", $value, $post_id)~~);
361		} else {
362		~~// expected_slashed ($key~~)
363		$w~~pdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d AND meta_value = %s", $value, $post_id, $prev_value))~~;
364		}
365
	351	// expected_slashed ($meta_key)
	352	$meta_key = stripslashes($meta_key);
	353
	354	if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) )
	355	return false;
	356
	357	$data = compact( 'meta_value' );
	358	$where = compact( 'meta_key', 'post_id' );
	359
	360	if ( !empty( $prev_value ) )
	361	$where['meta_value'] = $prev_value;
	362
	363	$wpdb->update( $wpdb->postmeta, $data, $where );
366	364	wp_cache_delete($post_id, 'post_meta');
367
368	365	return true;
369	366	}
…	…
501	498	wp_delete_object_term_relationships($postid, array('category', 'post_tag'));
502	499
	500	$parent_data = array( 'post_parent' => $post->post_parent );
	501	$parent_where = array( 'post_parent' => $postid );
	502
503	503	if ( 'page' == $post->post_type )
504		$wpdb->~~query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = %d AND post_type = 'page'", $postid )~~);
505
506		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE post_parent = %d AND post_type = 'attachment'", $post->post_parent, $postid )~~);
	504	$wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'page' ) );
	505
	506	$wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'attachment' ) );
507	507
508	508	$wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
…	…
703	703	$data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order' ) );
704	704	$data = stripslashes_deep( $data );
	705	$where = array( 'ID' => $post_ID );
705	706
706	707	if ($update) {
707		$wpdb->update( $wpdb->posts, $data, ~~'ID', $post_ID~~ );
	708	$wpdb->update( $wpdb->posts, $data, $where );
708	709	} else {
709	710	$data['post_mime_type'] = stripslashes( $post_mime_type ); // This isn't in the update
…	…
714	715	if ( empty($post_name) && 'draft' != $post_status ) {
715	716	$post_name = sanitize_title($post_title, $post_ID);
716		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_name = %s WHERE ID = %d", $post_name, $post_ID )~~ );
	717	$wpdb->update( $wpdb->posts, compact( 'post_name' ), $where );
717	718	}
718	719
…	…
728	729	// Set GUID
729	730	if ( ! $update )
730		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post_ID), $post_ID )~~);
	731	$wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post_ID ) ), $where );
731	732
732	733	$post = get_post($post_ID);
…	…
796	797	return;
797	798
798		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = %d", $post_id )~~);
	799	$wpdb->update( $wpdb->posts, array( 'post_status' => 'publish' ), array( 'ID' => $post_id ) );
799	800
800	801	$old_status = $post->post_status;
…	…
863	864	$new = apply_filters('add_ping', $new);
864	865	// expected_slashed ($new)
865		return $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = %d", $post_id ));
	866	$new = stripslashes($new);
	867	return $wpdb->update( $wpdb->posts, array( 'pinged' => $new ), array( 'ID' => $post_id ) );
866	868	}
867	869
…	…
1294	1296	$data = stripslashes_deep( $data );
1295	1297
1296		if (~~$update~~) {
1297		$wpdb->update(~~$wpdb->posts, $data, 'ID', $post_ID~~);
	1298	if ( $update ) {
	1299	$wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) );
1298	1300	} else {
1299		$wpdb->insert(~~$wpdb->posts, $data~~);
	1301	$wpdb->insert( $wpdb->posts, $data );
1300	1302	$post_ID = (int) $wpdb->insert_id;
1301	1303	}
…	…
1303	1305	if ( empty($post_name) ) {
1304	1306	$post_name = sanitize_title($post_title, $post_ID);
1305		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_name = '%s' WHERE ID = %d", $post_name, $post_ID)~~);
	1307	$wpdb->update( $wpdb->posts, compact( $post_name ), array( 'ID' => $post_ID ) );
1306	1308	}
1307	1309
…	…
1713	1715	if ( $old_status != 'publish' && $new_status == 'publish' ) {
1714	1716	// Reset GUID if transitioning to publish.
1715		$wpdb->~~query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post->ID), $post->ID )~~);
	1717	$wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post->ID ) ), array( 'ID' => $post->ID ) );
1716	1718	do_action('private_to_published', $post->ID); // Deprecated, use private_to_publish
1717	1719	}
…	…
1740	1742	$post = get_post($post_id);
1741	1743
	1744	$data = array( 'post_id' => $post_id, 'meta_value' => '1' );
1742	1745	if ( get_option('default_pingback_flag') )
1743		$result = $wpdb->query( $wpdb->prepare( "
1744		INSERT INTO $wpdb->postmeta
1745		(post_id,meta_key,meta_value)
1746		VALUES (%s,'_pingme','1')
1747		", $post_id ));
1748		$result = $wpdb->query( $wpdb->prepare( "
1749		INSERT INTO $wpdb->postmeta
1750		(post_id,meta_key,meta_value)
1751		VALUES (%s,'_encloseme','1')
1752		", $post_id ));
	1746	$wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_pingme' ) );
	1747	$wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_encloseme' ) );
1753	1748	wp_schedule_single_event(time(), 'do_pings');
1754	1749	}

trunk/wp-includes/wp-db.php

r6239	r6240
267	267	* @param string $table WARNING: not sanitized!
268	268	* @param array $data should not already be SQL-escaped
269		* @param mixed $where_col_or_array if a string, it represents the column of the WHERE statement. If an array (named), it can represent multiple col = 'value' pairs that will be joined with ANDs WARNING: the column names are not sanitized!
270		* @param string $where_val the value of the WHERE statement. Should not already be SQL-escaped.
	269	* @param array $where a named array of WHERE column => value relationships. Multiple member pairs will be joined with ANDs. WARNING: the column names are not currently sanitized!
271	270	* @return mixed results of $this->query()
272	271	*/
273		function update($table, $data, $where~~_col_or_array, $where_val=NULL~~){
	272	function update($table, $data, $where){
274	273	$data = add_magic_quotes($data);
275	274	$bits = $wheres = array();
…	…
277	276	$bits[] = "`$k` = '$data[$k]'";
278	277
279		if ( is_string( $where_col_or_array ) )
280		$wheres = array( "$where_col_or_array = '" . $this->escape($where_val) . "'" );
281		elseif ( is_array( $where_col_or_array ) )
282		foreach ( $where_col_or_array as $c => $v )
	278	if ( is_array( $where ) )
	279	foreach ( $where as $c => $v )
283	280	$wheres[] = "$c = '" . $this->escape( $v ) . "'";
284	281	else

Navigation

Changeset 6240

Legend:

trunk/wp-includes/post.php

trunk/wp-includes/wp-db.php

Download in other formats: