Skip to:
Content

BuddyPress.org

Ticket #2952: bp.2952.diff

File bp.2952.diff, 4.2 KB (added by nacin, 13 years ago)
  • bp-core/bp-core-classes.php

     
    148148                        $sql['where_active'] = $wpdb->prepare( "AND um.meta_key = %s", bp_get_user_meta_key( 'last_activity' ) );
    149149
    150150                if ( 'popular' == $type )
    151                         $sql['where_popular'] = "AND um.meta_key = 'total_friend_count'";
     151                        $sql['where_popular'] = $wpdb->prepare( "AND um.meta_key = %s", bp_get_user_meta_key( 'total_friend_count' ) );
    152152
    153153                if ( 'online' == $type )
    154154                        $sql['where_online'] = "AND DATE_ADD( um.meta_value, INTERVAL 5 MINUTE ) >= UTC_TIMESTAMP()";
     
    389389
    390390                // Fetch the user's total friend count
    391391                if ( 'popular' != $type ) {
    392                         $friend_count = $wpdb->get_results( "SELECT user_id as id, meta_value as total_friend_count FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = 'total_friend_count' AND user_id IN ( {$user_ids} )" );
     392                        $friend_count = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as total_friend_count FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key('total_friend_count') ) );
    393393                        for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    394394                                foreach ( (array)$friend_count as $count ) {
    395395                                        if ( $count->id == $paged_users[$i]->id )
     
    410410                }
    411411
    412412                if ( 'active' != $type ) {
    413                         $user_activity = $wpdb->get_results( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'last_activity' ) . "' AND user_id IN ( {$user_ids} )" );
     413                        $user_activity = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'last_activity' ) ) );
    414414                        for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    415415                                foreach ( (array)$user_activity as $activity ) {
    416416                                        if ( $activity->id == $paged_users[$i]->id )
     
    421421
    422422                // Fetch the user's last_activity
    423423                if ( 'active' != $type ) {
    424                         $user_activity = $wpdb->get_results( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'last_activity' ) . "' AND user_id IN ( {$user_ids} )" );
     424                        $user_activity = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'last_activity' ) ) );
    425425                        for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    426426                                foreach ( (array)$user_activity as $activity ) {
    427427                                        if ( $activity->id == $paged_users[$i]->id )
     
    431431                }
    432432
    433433                // Fetch the user's latest update
    434                 $user_update = $wpdb->get_results( "SELECT user_id as id, meta_value as latest_update FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'bp_latest_update' ) . "' AND user_id IN ( {$user_ids} )" );
     434                $user_update = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as latest_update FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'bp_latest_update' ) ) );
    435435                for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    436436                        foreach ( (array)$user_update as $update ) {
    437437                                if ( $update->id == $paged_users[$i]->id )
  • bp-friends/bp-friends-classes.php

     
    201201        function get_bulk_last_active( $user_ids ) {
    202202                global $wpdb, $bp;
    203203
    204                 return $wpdb->get_results( $wpdb->prepare( "SELECT meta_value as last_activity, user_id FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'last_activity' ) . "' AND user_id IN ( {$user_ids} ) ORDER BY meta_value DESC" ) );
     204                return $wpdb->get_results( $wpdb->prepare( "SELECT meta_value as last_activity, user_id FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} ) ORDER BY meta_value DESC", bp_get_user_meta_key( 'last_activity' ) ) );
    205205        }
    206206
    207207        function accept($friendship_id) {