prepare() for wp-includes/ link-template.php, post.php, general-template.php, pluggable.php, functions.php. see #4553

git-svn-id: http://svn.automattic.com/wordpress/trunk@6180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
markjaquith 2007-10-02 18:45:47 +00:00
parent 2bcddfc042
commit 21c25b5566
5 changed files with 117 additions and 107 deletions


@ -199,6 +199,7 @@ function get_option($setting) {
if ( false === $value ) { if ( false === $value ) {
if ( defined('WP_INSTALLING') ) if ( defined('WP_INSTALLING') )
$wpdb->hide_errors(); $wpdb->hide_errors();
// expected_slashed ($setting)
$row = $wpdb->get_row("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1"); $row = $wpdb->get_row("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1");
if ( defined('WP_INSTALLING') ) if ( defined('WP_INSTALLING') )
$wpdb->show_errors(); $wpdb->show_errors();
@ -315,9 +316,7 @@ function update_option($option_name, $newvalue) {
wp_cache_set($option_name, $newvalue, 'options'); wp_cache_set($option_name, $newvalue, 'options');
} }
$newvalue = $wpdb->escape($newvalue); $wpdb->query($wpdb->prepare("UPDATE $wpdb->options SET option_value = %s WHERE option_name = %s", $newvalue, $option_name));
$option_name = $wpdb->escape($option_name);
$wpdb->query("UPDATE $wpdb->options SET option_value = '$newvalue' WHERE option_name = '$option_name'");
if ( $wpdb->rows_affected == 1 ) { if ( $wpdb->rows_affected == 1 ) {
do_action("update_option_{$option_name}", $oldvalue, $_newvalue); do_action("update_option_{$option_name}", $oldvalue, $_newvalue);
return true; return true;
@ -357,9 +356,7 @@ function add_option($name, $value = '', $deprecated = '', $autoload = 'yes') {
wp_cache_set('notoptions', $notoptions, 'options'); wp_cache_set('notoptions', $notoptions, 'options');
} }
$name = $wpdb->escape($name); $wpdb->query($wpdb->prepare("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES (%s, %s, %s)", $name, $value, $autoload));
$value = $wpdb->escape($value);
$wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES ('$name', '$value', '$autoload')");
return; return;
} }
@ -370,8 +367,10 @@ function delete_option($name) {
wp_protect_special_option($name); wp_protect_special_option($name);
// Get the ID, if no ID then return // Get the ID, if no ID then return
// expected_slashed ($name)
$option = $wpdb->get_row("SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'"); $option = $wpdb->get_row("SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'");
if ( !$option->option_id ) return false; if ( !$option->option_id ) return false;
// expected_slashed ($name)
$wpdb->query("DELETE FROM $wpdb->options WHERE option_name = '$name'"); $wpdb->query("DELETE FROM $wpdb->options WHERE option_name = '$name'");
if ( 'yes' == $option->autoload ) { if ( 'yes' == $option->autoload ) {
$alloptions = wp_load_alloptions(); $alloptions = wp_load_alloptions();
@ -514,15 +513,15 @@ function do_enclose( $content, $post_ID ) {
endforeach; endforeach;
foreach ($post_links as $url) : foreach ($post_links as $url) :
if ( $url != '' && !$wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE post_id = '$post_ID' AND meta_key = 'enclosure' AND meta_value LIKE ('$url%')") ) { if ( $url != '' && !$wpdb->get_var($wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $url.'%')) ) {
if ( $headers = wp_get_http_headers( $url) ) { if ( $headers = wp_get_http_headers( $url) ) {
$len = (int) $headers['content-length']; $len = (int) $headers['content-length'];
$type = $wpdb->escape( $headers['content-type'] ); $type = $wpdb->escape( $headers['content-type'] );
$allowed_types = array( 'video', 'audio' ); $allowed_types = array( 'video', 'audio' );
if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) { if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) {
$meta_value = "$url\n$len\n$type\n"; $meta_value = "$url\n$len\n$type\n";
$wpdb->query( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` ) $wpdb->query($wpdb->prepare("INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` )
VALUES ( '$post_ID', 'enclosure' , '$meta_value')" ); VALUES ( %d, 'enclosure' , %s)", $post_ID, $meta_value));
} }
} }
} }
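Review bot: In do_enclose, `$type` is still run through `$wpdb->escape()` on the content-type line and then embedded in `$meta_value`, which the new INSERT passes as a `%s` parameter, so any quote or backslash in the header is now escaped twice and the stored enclosure carries stray backslashes; change that line to `$type = $headers['content-type'];`. The `LIKE (%s)` lookup just above passes `$url.'%'` through `%s`, which escapes quotes but not the LIKE metacharacters `_` and `%` inside the URL itself, so a URL containing an underscore matches more rows than intended; escape those first with `addcslashes($url, '_%\\')` before appending the wildcard. get_option and delete_option still interpolate `$setting` and `$name` directly under an `// expected_slashed` comment, so those two remain dependent on every caller having slashed its input.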


@ -208,7 +208,7 @@ function wp_title($sep = '»', $display = true) {
} }
if ( !empty($author_name) ) { if ( !empty($author_name) ) {
// We do a direct query here because we don't cache by nicename. // We do a direct query here because we don't cache by nicename.
$title = $wpdb->get_var("SELECT display_name FROM $wpdb->users WHERE user_nicename = '$author_name'"); $title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name));
} }
// If there's a month // If there's a month
@ -255,7 +255,7 @@ function single_post_title($prefix = '', $display = true) {
if ( intval($p) || '' != $name ) { if ( intval($p) || '' != $name ) {
if ( !$p ) if ( !$p )
$p = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_name = '$name'"); $p = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_name = %s", $name));
$post = & get_post($p); $post = & get_post($p);
$title = $post->post_title; $title = $post->post_title;
$title = apply_filters('single_post_title', $title); $title = apply_filters('single_post_title', $title);
@ -363,7 +363,7 @@ function wp_get_archives($args = '') {
$type = 'monthly'; $type = 'monthly';
if ( '' != $limit ) { if ( '' != $limit ) {
$limit = (int) $limit; $limit = abs(intval($limit));
$limit = ' LIMIT '.$limit; $limit = ' LIMIT '.$limit;
} }
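Review bot: In wp_get_archives the LIMIT clause is still built by concatenation directly after the new `abs(intval($limit))` cast, while the get_posts change in this same commit uses `$wpdb->prepare(" LIMIT %d,%d", ...)` for the same job; for consistency write `$limit = $wpdb->prepare(' LIMIT %d', $limit);`, which presupposes `$wpdb` is global in this function as it is in the others touched here. Note that `abs()` also silently converts a negative limit into a positive one rather than rejecting it, a behaviour change from the previous `(int)` cast that is worth a comment on the line if intended. The body of wp_get_archives continues outside the hunk.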


@ -367,9 +367,9 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') {
if ( $in_same_cat ) { if ( $in_same_cat ) {
$join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id ";
$cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids');
$join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]);
for ( $i = 1; $i < (count($cat_array)); $i++ ) { for ( $i = 1; $i < (count($cat_array)); $i++ ) {
$join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = %d', $cat_array[$i]);
} }
$join .= ')'; $join .= ')';
} }
@ -382,7 +382,7 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') {
} }
$join = apply_filters( 'get_previous_post_join', $join, $in_same_cat, $excluded_categories ); $join = apply_filters( 'get_previous_post_join', $join, $in_same_cat, $excluded_categories );
$where = apply_filters( 'get_previous_post_where', "WHERE p.post_date < '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $in_same_cat, $excluded_categories ); $where = apply_filters( 'get_previous_post_where', $wpdb->prepare("WHERE p.post_date < %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $current_post_date), $in_same_cat, $excluded_categories );
$sort = apply_filters( 'get_previous_post_sort', 'ORDER BY p.post_date DESC LIMIT 1' ); $sort = apply_filters( 'get_previous_post_sort', 'ORDER BY p.post_date DESC LIMIT 1' );
return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort");
@ -400,9 +400,9 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') {
if ( $in_same_cat ) { if ( $in_same_cat ) {
$join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id ";
$cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids');
$join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]);
for ( $i = 1; $i < (count($cat_array)); $i++ ) { for ( $i = 1; $i < (count($cat_array)); $i++ ) {
$join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = $d', $cat_array[$i]);
} }
$join .= ')'; $join .= ')';
} }
@ -415,7 +415,7 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') {
} }
$join = apply_filters( 'get_next_post_join', $join, $in_same_cat, $excluded_categories ); $join = apply_filters( 'get_next_post_join', $join, $in_same_cat, $excluded_categories );
$where = apply_filters( 'get_next_post_where', "WHERE p.post_date > '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != $post->ID", $in_same_cat, $excluded_categories ); $where = apply_filters( 'get_next_post_where', $wpdb->prepare("WHERE p.post_date > %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != %d", $current_post_date, $post->ID), $in_same_cat, $excluded_categories );
$sort = apply_filters( 'get_next_post_sort', 'ORDER BY p.post_date ASC LIMIT 1' ); $sort = apply_filters( 'get_next_post_sort', 'ORDER BY p.post_date ASC LIMIT 1' );
return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort");
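Review bot: The loop in get_next_post that appends additional category IDs uses the format string `' OR tr.term_taxonomy_id = $d'`, with `$d` instead of `%d`, and since it sits in single quotes it is literal text, so prepare() substitutes nothing and the JOIN contains `tr.term_taxonomy_id = $d`, which is invalid SQL whenever `$in_same_cat` is set and the post has more than one category. The line should read `$join .= $wpdb->prepare(' OR tr.term_taxonomy_id = %d', $cat_array[$i]);`, matching the corresponding line in get_previous_post. Because the final query is issued through `@$wpdb->get_row(...)`, the database error is suppressed and the caller just sees no next post, so the typo would not show up in logs. Both function bodies extend beyond the hunks shown.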


@ -60,7 +60,7 @@ endif;
if ( !function_exists('get_userdata') ) : if ( !function_exists('get_userdata') ) :
function get_userdata( $user_id ) { function get_userdata( $user_id ) {
global $wpdb; global $wpdb;
$user_id = (int) $user_id; $user_id = abs(intval($user_id));
if ( $user_id == 0 ) if ( $user_id == 0 )
return false; return false;
@ -69,11 +69,11 @@ function get_userdata( $user_id ) {
if ( $user ) if ( $user )
return $user; return $user;
if ( !$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID = '$user_id' LIMIT 1") ) if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE ID = %d LIMIT 1", $user_id)) )
return false; return false;
$wpdb->hide_errors(); $wpdb->hide_errors();
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'"); $metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = %d", $user_id));
$wpdb->show_errors(); $wpdb->show_errors();
if ($metavalues) { if ($metavalues) {
@ -121,9 +121,7 @@ function get_userdatabylogin($user_login) {
if ( $userdata ) if ( $userdata )
return $userdata; return $userdata;
$user_login = $wpdb->escape($user_login); if ( !$user_ID = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_login = %s", $user_login)) )
if ( !$user_ID = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$user_login'") )
return false; return false;
$user = get_userdata($user_ID); $user = get_userdata($user_ID);
@ -579,8 +577,8 @@ function wp_notify_moderator($comment_id) {
if( get_option( "moderation_notify" ) == 0 ) if( get_option( "moderation_notify" ) == 0 )
return true; return true;
$comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); $comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID=%d LIMIT 1", $comment_id));
$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); $post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID=%d LIMIT 1", $comment->comment_post_ID));
$comment_author_domain = @gethostbyaddr($comment->comment_author_IP); $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
$comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
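Review bot: get_userdata now normalises its argument with `abs(intval($user_id))`, so a negative ID such as -1 is no longer rejected by the `== 0` check but silently looked up as user 1; the previous `(int)` cast let a negative value reach a query that matched nothing and returned false. Keep the cast and make the guard explicit: `$user_id = (int) $user_id; if ( $user_id <= 0 ) return false;`. In wp_notify_moderator, `$comment->comment_post_ID` is read from the result of the first prepared query with no check that a row came back, so an unknown `$comment_id` produces a notice and a second lookup for post 0; an early return when `$comment` is empty, placed between the two lines, would avoid that. The wp_notify_moderator body continues beyond the hunk.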


@ -113,8 +113,7 @@ function &get_post(&$post, $output = OBJECT, $filter = 'raw') {
elseif ( $_post = wp_cache_get($post, 'pages') ) elseif ( $_post = wp_cache_get($post, 'pages') )
return get_page($_post, $output); return get_page($_post, $output);
else { else {
$query = "SELECT * FROM $wpdb->posts WHERE ID = '$post' LIMIT 1"; $_post = & $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d LIMIT 1", $post));
$_post = & $wpdb->get_row($query);
if ( 'page' == $_post->post_type ) if ( 'page' == $_post->post_type )
return get_page($_post, $output); return get_page($_post, $output);
$post_cache[$blog_id][$post] = & $_post; $post_cache[$blog_id][$post] = & $_post;
@ -223,9 +222,9 @@ function get_posts($args) {
if ( count($incposts) ) { if ( count($incposts) ) {
foreach ( $incposts as $incpost ) { foreach ( $incposts as $incpost ) {
if (empty($inclusions)) if (empty($inclusions))
$inclusions = ' AND ( ID = ' . intval($incpost) . ' '; $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpost);
else else
$inclusions .= ' OR ID = ' . intval($incpost) . ' '; $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpost);
} }
} }
} }
@ -238,9 +237,9 @@ function get_posts($args) {
if ( count($exposts) ) { if ( count($exposts) ) {
foreach ( $exposts as $expost ) { foreach ( $exposts as $expost ) {
if (empty($exclusions)) if (empty($exclusions))
$exclusions = ' AND ( ID <> ' . intval($expost) . ' '; $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expost);
else else
$exclusions .= ' AND ID <> ' . intval($expost) . ' '; $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expost);
} }
} }
} }
@ -251,15 +250,16 @@ function get_posts($args) {
$query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy "; $query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy ";
$query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta "; $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";
$query .= " WHERE 1=1 "; $query .= " WHERE 1=1 ";
$query .= empty( $post_type ) ? '' : "AND post_type = '$post_type' "; $query .= empty( $post_type ) ? '' : $wpdb->prepare("AND post_type = %s ", $post_type);
$query .= empty( $post_status ) ? '' : "AND post_status = '$post_status' "; $query .= empty( $post_status ) ? '' : $wpdb->prepare("AND post_status = %s ", $post_status);
$query .= "$exclusions $inclusions " ; $query .= "$exclusions $inclusions " ;
$query .= empty( $category ) ? '' : "AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = " . $category. ") "; $query .= empty( $category ) ? '' : $wpdb->prepare("AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = %d) ", $category);
$query .= empty( $post_parent ) ? '' : "AND $wpdb->posts.post_parent = '$post_parent' "; $query .= empty( $post_parent ) ? '' : $wpdb->prepare("AND $wpdb->posts.post_parent = %d ", $post_parent);
// expected_slashed ($meta_key, $meta_value) -- Also, this looks really funky, doesn't seem like it works
$query .= empty( $meta_key ) | empty($meta_value) ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )"; $query .= empty( $meta_key ) | empty($meta_value) ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )";
$query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order; $query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order;
if ( 0 < $numberposts ) if ( 0 < $numberposts )
$query .= " LIMIT " . $offset . ',' . $numberposts; $query .= $wpdb->prepare(" LIMIT %d,%d", $offset, $numberposts);
$posts = $wpdb->get_results($query); $posts = $wpdb->get_results($query);
@ -275,10 +275,9 @@ function get_posts($args) {
function add_post_meta($post_id, $key, $value, $unique = false) { function add_post_meta($post_id, $key, $value, $unique = false) {
global $wpdb, $post_meta_cache, $blog_id; global $wpdb, $post_meta_cache, $blog_id;
$post_id = (int) $post_id;
if ( $unique ) { if ( $unique ) {
if ( $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { // expected_slashed ($key)
if ( $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {
return false; return false;
} }
} }
@ -286,9 +285,9 @@ function add_post_meta($post_id, $key, $value, $unique = false) {
$post_meta_cache[$blog_id][$post_id][$key][] = $value; $post_meta_cache[$blog_id][$post_id][$key][] = $value;
$value = maybe_serialize($value); $value = maybe_serialize($value);
$value = $wpdb->escape($value);
$wpdb->query("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES ('$post_id','$key','$value')"); // expected_slashed ($key)
$wpdb->query($wpdb->prepare("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES (%d,'$key',%s)", $post_id, $value));
return true; return true;
} }
@ -296,22 +295,24 @@ function add_post_meta($post_id, $key, $value, $unique = false) {
function delete_post_meta($post_id, $key, $value = '') { function delete_post_meta($post_id, $key, $value = '') {
global $wpdb, $post_meta_cache, $blog_id; global $wpdb, $post_meta_cache, $blog_id;
$post_id = (int) $post_id;
if ( empty($value) ) { if ( empty($value) ) {
$meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); // expected_slashed ($key)
$meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
} else { } else {
$meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); // expected_slashed ($key, $value)
$meta_id = $wpdb->get_var($wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
} }
if ( !$meta_id ) if ( !$meta_id )
return false; return false;
if ( empty($value) ) { if ( empty($value) ) {
$wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); // expected_slashed ($key)
$wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key'", $post_id));
unset($post_meta_cache[$blog_id][$post_id][$key]); unset($post_meta_cache[$blog_id][$post_id][$key]);
} else { } else {
$wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); // expected_slashed ($key, $value)
$wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = '$key' AND meta_value = '$value'", $post_id));
$cache_key = $post_meta_cache[$blog_id][$post_id][$key]; $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
if ($cache_key) foreach ( $cache_key as $index => $data ) if ($cache_key) foreach ( $cache_key as $index => $data )
if ( $data == $value ) if ( $data == $value )
@ -352,28 +353,27 @@ function get_post_meta($post_id, $key, $single = false) {
function update_post_meta($post_id, $key, $value, $prev_value = '') { function update_post_meta($post_id, $key, $value, $prev_value = '') {
global $wpdb, $post_meta_cache, $blog_id; global $wpdb, $post_meta_cache, $blog_id;
$post_id = (int) $post_id;
$original_value = $value; $original_value = $value;
$value = maybe_serialize($value); $value = maybe_serialize($value);
$value = $wpdb->escape($value);
$original_prev = $prev_value; $original_prev = $prev_value;
$prev_value = maybe_serialize($prev_value); $prev_value = maybe_serialize($prev_value);
$prev_value = $wpdb->escape($prev_value);
if (! $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { // expected_slashed ($key)
if (! $wpdb->get_var($wpdb->prepare("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = %d", $post_id)) ) {
return false; return false;
} }
if ( empty($prev_value) ) { if ( empty($prev_value) ) {
$wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id'"); // expected_slashed ($key)
$wpdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d", $value, $post_id));
$cache_key = $post_meta_cache[$blog_id][$post_id][$key]; $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
if ( !empty($cache_key) ) if ( !empty($cache_key) )
foreach ($cache_key as $index => $data) foreach ($cache_key as $index => $data)
$post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value; $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value;
} else { } else {
$wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id' AND meta_value = '$prev_value'"); // expected_slashed ($key)
$wpdb->query($wpdb->prepare("UPDATE $wpdb->postmeta SET meta_value = %s WHERE meta_key = '$key' AND post_id = %d AND meta_value = %s", $value, $post_id, $prev_value));
$cache_key = $post_meta_cache[$blog_id][$post_id][$key]; $cache_key = $post_meta_cache[$blog_id][$post_id][$key];
if ( !empty($cache_key) ) if ( !empty($cache_key) )
foreach ($cache_key as $index => $data) foreach ($cache_key as $index => $data)
@ -387,8 +387,7 @@ function update_post_meta($post_id, $key, $value, $prev_value = '') {
function delete_post_meta_by_key($post_meta_key) { function delete_post_meta_by_key($post_meta_key) {
global $wpdb, $post_meta_cache, $blog_id; global $wpdb, $post_meta_cache, $blog_id;
$post_meta_key = $wpdb->escape($post_meta_key); if ( $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_key = %s", $post_meta_key)) ) {
if ( $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_key = '$post_meta_key'") ) {
unset($post_meta_cache[$blog_id]); // not worth doing the work to iterate through the cache unset($post_meta_cache[$blog_id]); // not worth doing the work to iterate through the cache
return true; return true;
} }
@ -504,9 +503,8 @@ function sanitize_post_field($field, $value, $post_id, $context) {
function wp_delete_post($postid = 0) { function wp_delete_post($postid = 0) {
global $wpdb, $wp_rewrite; global $wpdb, $wp_rewrite;
$postid = (int) $postid;
if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = $postid") ) if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
return $post; return $post;
if ( 'attachment' == $post->post_type ) if ( 'attachment' == $post->post_type )
@ -518,15 +516,15 @@ function wp_delete_post($postid = 0) {
wp_delete_object_term_relationships($postid, array('category', 'post_tag')); wp_delete_object_term_relationships($postid, array('category', 'post_tag'));
if ( 'page' == $post->post_type ) if ( 'page' == $post->post_type )
$wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'page'"); $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = %d AND post_type = 'page'", $postid ));
$wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'attachment'"); $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %s WHERE post_parent = %d AND post_type = 'attachment'", $post->post_parent, $postid ));
$wpdb->query("DELETE FROM $wpdb->posts WHERE ID = $postid"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
$wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = $postid"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
$wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $postid"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d", $postid ));
if ( 'page' == $post->post_type ) { if ( 'page' == $post->post_type ) {
clean_page_cache($postid); clean_page_cache($postid);
@ -694,13 +692,15 @@ function wp_insert_post($postarr = array()) {
$post_password = ''; $post_password = '';
if ( 'draft' != $post_status ) { if ( 'draft' != $post_status ) {
$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); // expected_slashed ($post_name, $post_type)
$post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) { if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) {
$suffix = 2; $suffix = 2;
do { do {
$alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix"; $alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix";
$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); // expected_slashed ($alt_post_name, $post_name, $post_type)
$post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
$suffix++; $suffix++;
} while ($post_name_check); } while ($post_name_check);
$post_name = $alt_post_name; $post_name = $alt_post_name;
@ -708,7 +708,9 @@ function wp_insert_post($postarr = array()) {
} }
if ($update) { if ($update) {
// expected_slashed (everything!)
$wpdb->query( $wpdb->query(
$wpdb->prepare(
"UPDATE IGNORE $wpdb->posts SET "UPDATE IGNORE $wpdb->posts SET
post_author = '$post_author', post_author = '$post_author',
post_date = '$post_date', post_date = '$post_date',
@ -727,21 +729,25 @@ function wp_insert_post($postarr = array()) {
pinged = '$pinged', pinged = '$pinged',
post_modified = '".current_time('mysql')."', post_modified = '".current_time('mysql')."',
post_modified_gmt = '".current_time('mysql',1)."', post_modified_gmt = '".current_time('mysql',1)."',
post_parent = '$post_parent', post_parent = %d,
menu_order = '$menu_order' menu_order = '$menu_order'
WHERE ID = $post_ID"); WHERE ID = %d"
, $post_parent, $post_ID ));
} else { } else {
// expected_slashed (everything!)
$wpdb->query( $wpdb->query(
$wpdb->prepare(
"INSERT IGNORE INTO $wpdb->posts "INSERT IGNORE INTO $wpdb->posts
(post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type) (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type)
VALUES VALUES
('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type')"); ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', %d, '$menu_order', '$post_mime_type')", $post_parent));
$post_ID = (int) $wpdb->insert_id; $post_ID = (int) $wpdb->insert_id;
} }
if ( empty($post_name) && 'draft' != $post_status ) { if ( empty($post_name) && 'draft' != $post_status ) {
$post_name = sanitize_title($post_title, $post_ID); $post_name = sanitize_title($post_title, $post_ID);
$wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); // expected_slashed ($post_name)
$wpdb->query($wpdb->prepare("UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = %d", $post_ID));
} }
wp_set_post_categories( $post_ID, $post_category ); wp_set_post_categories( $post_ID, $post_category );
@ -755,7 +761,7 @@ function wp_insert_post($postarr = array()) {
// Set GUID // Set GUID
if ( ! $update ) if ( ! $update )
$wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'"); $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post_ID), $post_ID ));
$post = get_post($post_ID); $post = get_post($post_ID);
if ( !empty($page_template) ) if ( !empty($page_template) )
@ -823,7 +829,7 @@ function wp_publish_post($post_id) {
if ( 'publish' == $post->post_status ) if ( 'publish' == $post->post_status )
return; return;
$wpdb->query( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = '$post_id'" ); $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = %d", $post_id ));
$old_status = $post->post_status; $old_status = $post->post_status;
$post->post_status = 'publish'; $post->post_status = 'publish';
@ -883,13 +889,14 @@ function wp_transition_post_status($new_status, $old_status, $post) {
function add_ping($post_id, $uri) { // Add a URL to those already pung function add_ping($post_id, $uri) { // Add a URL to those already pung
global $wpdb; global $wpdb;
$pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
$pung = trim($pung); $pung = trim($pung);
$pung = preg_split('/\s/', $pung); $pung = preg_split('/\s/', $pung);
$pung[] = $uri; $pung[] = $uri;
$new = implode("\n", $pung); $new = implode("\n", $pung);
$new = apply_filters('add_ping', $new); $new = apply_filters('add_ping', $new);
return $wpdb->query("UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = $post_id"); // expected_slashed ($new)
return $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = %d", $post_id ));
} }
function get_enclosed($post_id) { // Get enclosures already enclosed for a post function get_enclosed($post_id) { // Get enclosures already enclosed for a post
@ -913,7 +920,7 @@ function get_enclosed($post_id) { // Get enclosures already enclosed for a post
function get_pung($post_id) { // Get URLs already pung for a post function get_pung($post_id) { // Get URLs already pung for a post
global $wpdb; global $wpdb;
$pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id ));
$pung = trim($pung); $pung = trim($pung);
$pung = preg_split('/\s/', $pung); $pung = preg_split('/\s/', $pung);
$pung = apply_filters('get_pung', $pung); $pung = apply_filters('get_pung', $pung);
@ -922,7 +929,7 @@ function get_pung($post_id) { // Get URLs already pung for a post
function get_to_ping($post_id) { // Get any URLs in the todo list function get_to_ping($post_id) { // Get any URLs in the todo list
global $wpdb; global $wpdb;
$to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_id"); $to_ping = $wpdb->get_var( $wpdb->prepare( "SELECT to_ping FROM $wpdb->posts WHERE ID = %d", $post_id ));
$to_ping = trim($to_ping); $to_ping = trim($to_ping);
$to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY); $to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY);
$to_ping = apply_filters('get_to_ping', $to_ping); $to_ping = apply_filters('get_to_ping', $to_ping);
@ -1001,7 +1008,7 @@ function &get_page(&$page, $output = OBJECT) {
return get_post($page, $output); return get_post($page, $output);
} else { // it's not in any caches, so off to the DB we go } else { // it's not in any caches, so off to the DB we go
// Why are we using assignment for this query? // Why are we using assignment for this query?
$_page = & $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID= '$page' LIMIT 1"); $_page = & $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID= %d LIMIT 1", $page ));
if ( 'post' == $_page->post_type ) if ( 'post' == $_page->post_type )
return get_post($_page, $output); return get_post($_page, $output);
// Potential issue: we're not checking to see if the post_type = 'page' // Potential issue: we're not checking to see if the post_type = 'page'
@ -1035,7 +1042,7 @@ function get_page_by_path($page_path, $output = OBJECT) {
foreach($page_paths as $pathdir) foreach($page_paths as $pathdir)
$full_path .= ($pathdir!=''?'/':'') . sanitize_title($pathdir); $full_path .= ($pathdir!=''?'/':'') . sanitize_title($pathdir);
$pages = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = '$leaf_path' AND post_type='page'"); $pages = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = %s AND post_type='page'", $leaf_path ));
if ( empty($pages) ) if ( empty($pages) )
return NULL; return NULL;
@ -1044,7 +1051,7 @@ function get_page_by_path($page_path, $output = OBJECT) {
$path = '/' . $leaf_path; $path = '/' . $leaf_path;
$curpage = $page; $curpage = $page;
while ($curpage->post_parent != 0) { while ($curpage->post_parent != 0) {
$curpage = $wpdb->get_row("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = '$curpage->post_parent' and post_type='page'"); $curpage = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = %d and post_type='page'", $curpage->post_parent ));
$path = '/' . $curpage->post_name . $path; $path = '/' . $curpage->post_name . $path;
} }
@ -1057,8 +1064,7 @@ function get_page_by_path($page_path, $output = OBJECT) {
function get_page_by_title($page_title, $output = OBJECT) { function get_page_by_title($page_title, $output = OBJECT) {
global $wpdb; global $wpdb;
$page_title = $wpdb->escape($page_title); $page = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title ));
$page = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$page_title' AND post_type='page'");
if ( $page ) if ( $page )
return get_page($page, $output); return get_page($page, $output);
@ -1141,9 +1147,9 @@ function &get_pages($args = '') {
if ( count($incpages) ) { if ( count($incpages) ) {
foreach ( $incpages as $incpage ) { foreach ( $incpages as $incpage ) {
if (empty($inclusions)) if (empty($inclusions))
$inclusions = ' AND ( ID = ' . intval($incpage) . ' '; $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpage);
else else
$inclusions .= ' OR ID = ' . intval($incpage) . ' '; $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpage);
} }
} }
} }
@ -1156,9 +1162,9 @@ function &get_pages($args = '') {
if ( count($expages) ) { if ( count($expages) ) {
foreach ( $expages as $expage ) { foreach ( $expages as $expage ) {
if (empty($exclusions)) if (empty($exclusions))
$exclusions = ' AND ( ID <> ' . intval($expage) . ' '; $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expage);
else else
$exclusions .= ' AND ID <> ' . intval($expage) . ' '; $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expage);
} }
} }
} }
@ -1182,9 +1188,9 @@ function &get_pages($args = '') {
} }
if ( '' == $author_query ) if ( '' == $author_query )
$author_query = ' post_author = ' . intval($post_author) . ' '; $author_query = $wpdb->prepare(' post_author = %d ', $post_author);
else else
$author_query .= ' OR post_author = ' . intval($post_author) . ' '; $author_query .= $wpdb->prepare(' OR post_author = %d ', $post_author);
} }
if ( '' != $author_query ) if ( '' != $author_query )
$author_query = " AND ($author_query)"; $author_query = " AND ($author_query)";
@ -1194,6 +1200,7 @@ function &get_pages($args = '') {
$query = "SELECT * FROM $wpdb->posts " ; $query = "SELECT * FROM $wpdb->posts " ;
$query .= ( empty( $meta_key ) ? "" : ", $wpdb->postmeta " ) ; $query .= ( empty( $meta_key ) ? "" : ", $wpdb->postmeta " ) ;
$query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ; $query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ;
// expected_slashed ($meta_key, $meta_value) -- also, it looks funky
$query .= ( empty( $meta_key ) | empty($meta_value) ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ; $query .= ( empty( $meta_key ) | empty($meta_value) ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ;
$query .= $author_query; $query .= $author_query;
$query .= " ORDER BY " . $sort_column . " " . $sort_order ; $query .= " ORDER BY " . $sort_column . " " . $sort_order ;
@ -1234,7 +1241,7 @@ function generate_page_uri_index() {
// URL => page name // URL => page name
$uri = get_page_uri($id); $uri = get_page_uri($id);
$attachments = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = '$id'"); $attachments = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $id ));
if ( $attachments ) { if ( $attachments ) {
foreach ( $attachments as $attachment ) { foreach ( $attachments as $attachment ) {
$attach_uri = get_page_uri($attachment->ID); $attach_uri = get_page_uri($attachment->ID);
@ -1312,14 +1319,16 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
else else
$post_name = sanitize_title($post_name); $post_name = sanitize_title($post_name);
// expected_slashed ($post_name)
$post_name_check = $post_name_check =
$wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != '$post_ID' LIMIT 1"); $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != %d LIMIT 1", $post_ID));
if ($post_name_check) { if ($post_name_check) {
$suffix = 2; $suffix = 2;
while ($post_name_check) { while ($post_name_check) {
$alt_post_name = $post_name . "-$suffix"; $alt_post_name = $post_name . "-$suffix";
$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); // expected_slashed ($alt_post_name, $post_name)
$post_name_check = $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent));
$suffix++; $suffix++;
} }
$post_name = $alt_post_name; $post_name = $alt_post_name;
@ -1361,7 +1370,9 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
$pinged = ''; $pinged = '';
if ($update) { if ($update) {
// expected_slashed (everything!)
$wpdb->query( $wpdb->query(
$wpdb->prepare(
"UPDATE $wpdb->posts SET "UPDATE $wpdb->posts SET
post_author = '$post_author', post_author = '$post_author',
post_date = '$post_date', post_date = '$post_date',
@ -1380,23 +1391,26 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
pinged = '$pinged', pinged = '$pinged',
post_modified = '".current_time('mysql')."', post_modified = '".current_time('mysql')."',
post_modified_gmt = '".current_time('mysql',1)."', post_modified_gmt = '".current_time('mysql',1)."',
post_parent = '$post_parent', post_parent = %d,
menu_order = '$menu_order', menu_order = '$menu_order',
post_mime_type = '$post_mime_type', post_mime_type = '$post_mime_type',
guid = '$guid' guid = '$guid'
WHERE ID = $post_ID"); WHERE ID = %d", $post_parent, $post_ID));
} else { } else {
// expected_slashed (everything!)
$wpdb->query( $wpdb->query(
$wpdb->prepare(
"INSERT INTO $wpdb->posts "INSERT INTO $wpdb->posts
(post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type, guid) (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type, guid)
VALUES VALUES
('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type', '$guid')"); ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', %d, '$menu_order', '$post_mime_type', '$guid')", $post_parent ));
$post_ID = (int) $wpdb->insert_id; $post_ID = (int) $wpdb->insert_id;
} }
if ( empty($post_name) ) { if ( empty($post_name) ) {
$post_name = sanitize_title($post_title, $post_ID); $post_name = sanitize_title($post_title, $post_ID);
$wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); // expected_slashed ($post_name)
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = %d", $post_ID));
} }
wp_set_post_categories($post_ID, $post_category); wp_set_post_categories($post_ID, $post_category);
@ -1417,9 +1431,8 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
function wp_delete_attachment($postid) { function wp_delete_attachment($postid) {
global $wpdb; global $wpdb;
$postid = (int) $postid;
if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$postid'") ) if ( !$post = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) )
return $post; return $post;
if ( 'attachment' != $post->post_type ) if ( 'attachment' != $post->post_type )
@ -1431,15 +1444,15 @@ function wp_delete_attachment($postid) {
// TODO delete for pluggable post taxonomies too // TODO delete for pluggable post taxonomies too
wp_delete_object_term_relationships($postid, array('category', 'post_tag')); wp_delete_object_term_relationships($postid, array('category', 'post_tag'));
$wpdb->query("DELETE FROM $wpdb->posts WHERE ID = '$postid'"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid ));
$wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = '$postid'"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid ));
$wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$postid'"); $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d ", $postid ));
if ( ! empty($meta['thumb']) ) { if ( ! empty($meta['thumb']) ) {
// Don't delete the thumb if another attachment uses it // Don't delete the thumb if another attachment uses it
if (! $wpdb->get_row("SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE '%".$wpdb->escape($meta['thumb'])."%' AND post_id <> $postid")) { if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%'.$meta['thumb'].'%', $postid)) ) {
$thumbfile = str_replace(basename($file), $meta['thumb'], $file); $thumbfile = str_replace(basename($file), $meta['thumb'], $file);
$thumbfile = apply_filters('wp_delete_file', $thumbfile); $thumbfile = apply_filters('wp_delete_file', $thumbfile);
@ unlink($thumbfile); @ unlink($thumbfile);
@ -1831,7 +1844,7 @@ function _transition_post_status($new_status, $old_status, $post) {
if ( $old_status != 'publish' && $new_status == 'publish' ) { if ( $old_status != 'publish' && $new_status == 'publish' ) {
// Reset GUID if transitioning to publish. // Reset GUID if transitioning to publish.
$wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post->ID) . "' WHERE ID = '$post->ID'"); $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET guid = %s WHERE ID = %d", get_permalink($post->ID), $post->ID ));
do_action('private_to_published', $post->ID); // Deprecated, use private_to_publish do_action('private_to_published', $post->ID); // Deprecated, use private_to_publish
} }
@ -1859,16 +1872,16 @@ function _publish_post_hook($post_id) {
$post = get_post($post_id); $post = get_post($post_id);
if ( get_option('default_pingback_flag') ) if ( get_option('default_pingback_flag') )
$result = $wpdb->query(" $result = $wpdb->query( $wpdb->prepare( "
INSERT INTO $wpdb->postmeta INSERT INTO $wpdb->postmeta
(post_id,meta_key,meta_value) (post_id,meta_key,meta_value)
VALUES ('$post_id','_pingme','1') VALUES (%s,'_pingme','1')
"); ", $post_id ));
$result = $wpdb->query(" $result = $wpdb->query( $wpdb->prepare( "
INSERT INTO $wpdb->postmeta INSERT INTO $wpdb->postmeta
(post_id,meta_key,meta_value) (post_id,meta_key,meta_value)
VALUES ('$post_id','_encloseme','1') VALUES (%s,'_encloseme','1')
"); ", $post_id ));
wp_schedule_single_event(time(), 'do_pings'); wp_schedule_single_event(time(), 'do_pings');
} }