Ticket #6977: 6977.03.patch
| File 6977.03.patch, 38.7 KB (added by , 9 years ago) |
|---|
-
src/bp-activity/bp-activity-functions.php
176 176 } 177 177 178 178 // Get activity object. 179 $activity = new BP_Activity_Activity( (int)$activity_id );179 $activity = new BP_Activity_Activity( $activity_id ); 180 180 181 181 // Try to find mentions. 182 182 $usernames = bp_activity_find_mentions( strip_tags( $activity->content ) ); … … 2633 2633 } 2634 2634 2635 2635 // Check to see if the parent activity is hidden, and if so, hide this comment publicly. 2636 $is_hidden = ( (int) $activity->hide_sitewide )? 1 : 0;2636 $is_hidden = $activity->hide_sitewide ? 1 : 0; 2637 2637 2638 2638 /** 2639 2639 * Filters the content of a new comment. -
src/bp-activity/bp-activity-screens.php
335 335 } else { 336 336 $url = sprintf( 337 337 site_url( 'wp-login.php?redirect_to=%s' ), 338 urlencode( esc_url_raw( bp_activity_get_permalink( (int)bp_current_action() ) ) )338 urlencode( esc_url_raw( bp_activity_get_permalink( bp_current_action() ) ) ) 339 339 ); 340 340 } 341 341 -
src/bp-activity/bp-activity-template.php
1652 1652 // Users are allowed to delete their own activity. This is actually 1653 1653 // quite powerful, because doing so also deletes all comments to that 1654 1654 // activity item. We should revisit this eventually. 1655 if ( isset( $activity->user_id ) && ( (int)$activity->user_id === bp_loggedin_user_id() ) ) {1655 if ( isset( $activity->user_id ) && ( $activity->user_id === bp_loggedin_user_id() ) ) { 1656 1656 $can_delete = true; 1657 1657 } 1658 1658 … … 1707 1707 } 1708 1708 1709 1709 // Get the ID of the parent activity content. 1710 $parent_id = (int)$activities_template->activity->item_id;1710 $parent_id = $activities_template->activity->item_id; 1711 1711 1712 1712 // Bail if no parent content. 1713 1713 if ( empty( $activities_template->activity_parents[ $parent_id ] ) ) { … … 1771 1771 } 1772 1772 1773 1773 // Get the ID of the parent activity content. 1774 $parent_id = (int)$activities_template->activity->item_id;1774 $parent_id = $activities_template->activity->item_id; 1775 1775 1776 1776 // Bail if no parent item. 1777 1777 if ( empty( $activities_template->activity_parents[ $parent_id ] ) ) { -
src/bp-activity/classes/class-bp-activity-activity.php
107 107 * @since 1.1.0 108 108 * @var int 109 109 */ 110 var $hide_sitewide = false;110 var $hide_sitewide = 0; 111 111 112 112 /** 113 113 * Node boundary start for activity or activity comment. … … 142 142 */ 143 143 public function __construct( $id = false ) { 144 144 if ( !empty( $id ) ) { 145 $this->id = $id;145 $this->id = (int) $id; 146 146 $this->populate(); 147 147 } 148 148 } … … 175 175 $this->action = $row->action; 176 176 $this->content = $row->content; 177 177 $this->date_recorded = $row->date_recorded; 178 $this->hide_sitewide = $row->hide_sitewide;178 $this->hide_sitewide = (int) $row->hide_sitewide; 179 179 $this->mptt_left = (int) $row->mptt_left; 180 180 $this->mptt_right = (int) $row->mptt_right; 181 $this->is_spam = $row->is_spam;181 $this->is_spam = (int) $row->is_spam; 182 182 } 183 183 184 184 // Generate dynamic 'action' when possible. … … 708 708 709 709 // Now fetch data from the cache. 710 710 foreach ( $activity_ids as $activity_id ) { 711 $activities[] = wp_cache_get( $activity_id, 'bp_activity' ); 711 // Integer casting. 712 $activity = wp_cache_get( $activity_id, 'bp_activity' ); 713 if ( ! empty( $activity ) ) { 714 $activity->id = (int) $activity->id; 715 $activity->user_id = (int) $activity->user_id; 716 $activity->item_id = (int) $activity->item_id; 717 $activity->secondary_item_id = (int) $activity->secondary_item_id; 718 $activity->hide_sitewide = (int) $activity->hide_sitewide; 719 $activity->mptt_left = (int) $activity->mptt_left; 720 $activity->mptt_right = (int) $activity->mptt_right; 721 $activity->is_spam = (int) $activity->is_spam; 722 } 723 724 $activities[] = $activity; 712 725 } 713 726 714 727 // Then fetch user data. … … 1071 1084 1072 1085 if ( ! empty( $where_args ) ) { 1073 1086 $where_sql = 'WHERE ' . join( ' AND ', $where_args ); 1074 return $wpdb->get_var( "SELECT id FROM {$bp->activity->table_name} {$where_sql}" ); 1087 $query = $wpdb->get_var( "SELECT id FROM {$bp->activity->table_name} {$where_sql}" ); 1088 1089 return is_numeric( $query ) ? (int) $query : false; 1075 1090 } 1076 1091 1077 1092 return false; … … 1763 1778 1764 1779 $bp = buddypress(); 1765 1780 1766 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->activity->table_name} WHERE content = %s", $content ) ); 1781 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->activity->table_name} WHERE content = %s", $content ) ); 1782 1783 return is_numeric( $query ) ? (int) $query : false; 1767 1784 } 1768 1785 1769 1786 /** -
src/bp-blogs/bp-blogs-activity.php
830 830 remove_action( 'transition_comment_status', 'bp_activity_transition_post_type_comment_status', 10, 3 ); 831 831 remove_action( 'bp_activity_post_type_comment', 'bp_blogs_comment_sync_activity_comment', 10, 4 ); 832 832 833 if ( 1 === (int)$activity->is_spam && 'spam' !== $post_comment_status ) {833 if ( 1 === $activity->is_spam && 'spam' !== $post_comment_status ) { 834 834 wp_spam_comment( $post_comment_id ); 835 835 } elseif ( ! $activity->is_spam ) { 836 836 if ( 'spam' === $post_comment_status ) { -
src/bp-blogs/classes/class-bp-blogs-blog.php
48 48 */ 49 49 public function __construct( $id = null ) { 50 50 if ( !empty( $id ) ) { 51 $this->id = $id;51 $this->id = (int) $id; 52 52 $this->populate(); 53 53 } 54 54 } … … 63 63 64 64 $blog = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$bp->blogs->table_name} WHERE id = %d", $this->id ) ); 65 65 66 $this->user_id = $blog->user_id;67 $this->blog_id = $blog->blog_id;66 $this->user_id = (int) $blog->user_id; 67 $this->blog_id = (int) $blog->blog_id; 68 68 } 69 69 70 70 /** … … 243 243 244 244 $paged_blogs = BP_Blogs_Blog::get_blog_extras( $paged_blogs, $blog_ids, $type ); 245 245 246 // Integer casting. 247 foreach ( (array) $paged_blogs as $key => $data ) { 248 $paged_blogs[ $key ]->blog_id = (int) $paged_blogs[ $key ]->blog_id; 249 $paged_blogs[ $key ]->admin_user_id = (int) $paged_blogs[ $key ]->admin_user_id; 250 } 251 246 252 if ( $update_meta_cache ) { 247 253 bp_blogs_update_meta_cache( $blog_ids ); 248 254 } … … 338 344 $user_blogs = array(); 339 345 foreach ( (array) $blogs as $blog ) { 340 346 $user_blogs[$blog->blog_id] = new stdClass; 341 $user_blogs[$blog->blog_id]->id = $blog->id;342 $user_blogs[$blog->blog_id]->blog_id = $blog->blog_id;347 $user_blogs[$blog->blog_id]->id = (int) $blog->id; 348 $user_blogs[$blog->blog_id]->blog_id = (int) $blog->blog_id; 343 349 $user_blogs[$blog->blog_id]->siteurl = ( is_ssl() ) ? 'https://' . $blog->domain . $blog->path : 'http://' . $blog->domain . $blog->path; 344 350 $user_blogs[$blog->blog_id]->name = $blog->name; 345 351 } … … 364 370 if ( !$user_id ) 365 371 $user_id = bp_displayed_user_id(); 366 372 367 return $wpdb->get_col( $wpdb->prepare( "SELECT blog_id FROM {$bp->blogs->table_name} WHERE user_id = %d", $user_id) );373 return array_map( 'intval', $wpdb->get_col( $wpdb->prepare( "SELECT blog_id FROM {$bp->blogs->table_name} WHERE user_id = %d", $user_id ) ) ); 368 374 } 369 375 370 376 /** … … 379 385 380 386 $bp = buddypress(); 381 387 382 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->blogs->table_name} WHERE blog_id = %d", $blog_id ) ); 388 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->blogs->table_name} WHERE blog_id = %d", $blog_id ) ); 389 390 return is_numeric( $query ) ? (int) $query : $query; 383 391 } 384 392 385 393 /** … … 444 452 $paged_blogs = $wpdb->get_results( "SELECT DISTINCT bm.blog_id FROM {$bp->blogs->table_name_blogmeta} bm LEFT JOIN {$wpdb->base_prefix}blogs wb ON bm.blog_id = wb.blog_id WHERE ( ( bm.meta_key = 'name' OR bm.meta_key = 'description' ) AND {$search_terms_sql} ) {$hidden_sql} AND wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 ORDER BY meta_value ASC{$pag_sql}" ); 445 453 $total_blogs = $wpdb->get_var( "SELECT COUNT(DISTINCT bm.blog_id) FROM {$bp->blogs->table_name_blogmeta} bm LEFT JOIN {$wpdb->base_prefix}blogs wb ON bm.blog_id = wb.blog_id WHERE ( ( bm.meta_key = 'name' OR bm.meta_key = 'description' ) AND {$search_terms_sql} ) {$hidden_sql} AND wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 ORDER BY meta_value ASC" ); 446 454 447 return array( 'blogs' => $paged_blogs, 'total' => $total_blogs ); 455 // Integer casting. 456 foreach ( (array) $paged_blogs as $key => $data ) { 457 $paged_blogs[ $key ]->blog_id = (int) $paged_blogs[ $key ]->blog_id; 458 } 459 460 return array( 'blogs' => $paged_blogs, 'total' => (int) $total_blogs ); 448 461 } 449 462 450 463 /** … … 472 485 $paged_blogs = $wpdb->get_results( "SELECT DISTINCT b.blog_id FROM {$bp->blogs->table_name} b LEFT JOIN {$wpdb->base_prefix}blogs wb ON b.blog_id = wb.blog_id WHERE wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 {$hidden_sql} {$pag_sql}" ); 473 486 $total_blogs = $wpdb->get_var( "SELECT COUNT(DISTINCT b.blog_id) FROM {$bp->blogs->table_name} b LEFT JOIN {$wpdb->base_prefix}blogs wb ON b.blog_id = wb.blog_id WHERE wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 {$hidden_sql}" ); 474 487 475 return array( 'blogs' => $paged_blogs, 'total' => $total_blogs ); 488 // Integer casting. 489 foreach ( (array) $paged_blogs as $key => $data ) { 490 $paged_blogs[ $key ]->blog_id = (int) $paged_blogs[ $key ]->blog_id; 491 } 492 493 return array( 'blogs' => $paged_blogs, 'total' => (int) $total_blogs ); 476 494 } 477 495 478 496 /** … … 509 527 $paged_blogs = $wpdb->get_results( "SELECT DISTINCT bm.blog_id FROM {$bp->blogs->table_name_blogmeta} bm LEFT JOIN {$wpdb->base_prefix}blogs wb ON bm.blog_id = wb.blog_id WHERE bm.meta_key = 'name' AND {$letter_sql} {$hidden_sql} AND wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 ORDER BY bm.meta_value ASC{$pag_sql}" ); 510 528 $total_blogs = $wpdb->get_var( "SELECT COUNT(DISTINCT bm.blog_id) FROM {$bp->blogs->table_name_blogmeta} bm LEFT JOIN {$wpdb->base_prefix}blogs wb ON bm.blog_id = wb.blog_id WHERE bm.meta_key = 'name' AND {$letter_sql} {$hidden_sql} AND wb.mature = 0 AND wb.spam = 0 AND wb.archived = '0' AND wb.deleted = 0 ORDER BY bm.meta_value ASC" ); 511 529 512 return array( 'blogs' => $paged_blogs, 'total' => $total_blogs ); 530 // Integer casting. 531 foreach ( (array) $paged_blogs as $key => $data ) { 532 $paged_blogs[ $key ]->blog_id = (int) $paged_blogs[ $key ]->blog_id; 533 } 534 535 return array( 'blogs' => $paged_blogs, 'total' => (int) $total_blogs ); 513 536 } 514 537 515 538 /** -
src/bp-core/classes/class-bp-core-user.php
823 823 $retval = array(); 824 824 foreach ( $user_ids as $user_id ) { 825 825 $retval[ $user_id ] = wp_cache_get( $user_id, 'bp_last_activity' ); 826 $retval[ $user_id ]['user_id'] = (int) $retval[ $user_id ]['user_id']; 827 $retval[ $user_id ]['activity_id'] = (int) $retval[ $user_id ]['activity_id']; 826 828 } 827 829 828 830 return $retval; -
src/bp-core/classes/class-bp-user-query.php
591 591 // Match up to the user ids from the main query. 592 592 foreach ( $this->user_ids as $key => $uid ) { 593 593 if ( isset( $r[ $uid ] ) ) { 594 $r[ $uid ]->ID = (int) $uid; 595 $r[ $uid ]->user_status = (int) $r[ $uid ]->user_status; 596 594 597 $this->results[ $uid ] = $r[ $uid ]; 595 598 596 599 // The BP template functions expect an 'id' 597 600 // (as opposed to 'ID') property. 598 $this->results[ $uid ]->id = $uid;601 $this->results[ $uid ]->id = (int) $uid; 599 602 600 603 // Remove user ID from original user_ids property. 601 604 } else { -
src/bp-friends/classes/class-bp-friends-friendship.php
241 241 } 242 242 } 243 243 244 return $fids;244 return array_map( 'intval', $fids ); 245 245 } 246 246 247 247 /** … … 251 251 * 252 252 * @param int $user_id The ID of the first user. 253 253 * @param int $friend_id The ID of the second user. 254 * @return int| bool The ID of the friendship object if found, otherwise false.254 * @return int|null The ID of the friendship object if found, otherwise null. 255 255 */ 256 256 public static function get_friendship_id( $user_id, $friend_id ) { 257 257 global $wpdb; 258 258 259 259 $bp = buddypress(); 260 260 261 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->friends->table_name} WHERE ( initiator_user_id = %d AND friend_user_id = %d ) OR ( initiator_user_id = %d AND friend_user_id = %d ) AND is_confirmed = 1", $user_id, $friend_id, $friend_id, $user_id ) ); 261 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->friends->table_name} WHERE ( initiator_user_id = %d AND friend_user_id = %d ) OR ( initiator_user_id = %d AND friend_user_id = %d ) AND is_confirmed = 1", $user_id, $friend_id, $friend_id, $user_id ) ); 262 263 return is_numeric( $query ) ? (int) $query : $query; 262 264 } 263 265 264 266 /** … … 283 285 wp_cache_set( $user_id, $friend_requests, 'bp_friends_requests' ); 284 286 } 285 287 288 // Integer casting. 289 if ( ! empty( $friend_requests ) ) { 290 $friend_requests = array_map( 'intval', $friend_requests ); 291 } 292 286 293 return $friend_requests; 287 294 } 288 295 … … 381 388 if ( empty( $filtered_friend_ids ) ) 382 389 return false; 383 390 384 return array( 'friends' => $filtered_friend_ids, 'total' => (int) $total_friend_ids );391 return array( 'friends' => array_map( 'intval', $filtered_friend_ids ), 'total' => (int) $total_friend_ids ); 385 392 } 386 393 387 394 /** -
src/bp-groups/bp-groups-functions.php
114 114 115 115 // Pass an existing group ID. 116 116 if ( ! empty( $group_id ) ) { 117 $group = groups_get_group( array( 'group_id' => (int)$group_id ) );117 $group = groups_get_group( array( 'group_id' => $group_id ) ); 118 118 $name = ! empty( $name ) ? $name : $group->name; 119 119 $slug = ! empty( $slug ) ? $slug : $group->slug; 120 120 $description = ! empty( $description ) ? $description : $group->description; … … 415 415 * @since 1.6.0 416 416 * 417 417 * @param string $group_slug The group's slug. 418 * @return int The ID.418 * @return int|null The group ID on success; null on failure. 419 419 */ 420 420 function groups_get_id( $group_slug ) { 421 return (int)BP_Groups_Group::group_exists( $group_slug );421 return BP_Groups_Group::group_exists( $group_slug ); 422 422 } 423 423 424 424 /** User Actions **************************************************************/ … … 879 879 * 880 880 * @param int $user_id ID of the user. 881 881 * @param int $group_id ID of the group. 882 * @return bool882 * @return int 1 on success; 0 on failure. 883 883 */ 884 884 function groups_is_user_admin( $user_id, $group_id ) { 885 885 return BP_Groups_Member::check_is_admin( $user_id, $group_id ); … … 892 892 * 893 893 * @param int $user_id ID of the user. 894 894 * @param int $group_id ID of the group. 895 * @return bool895 * @return int 1 on success; 0 on failure. 896 896 */ 897 897 function groups_is_user_mod( $user_id, $group_id ) { 898 898 return BP_Groups_Member::check_is_mod( $user_id, $group_id ); … … 905 905 * 906 906 * @param int $user_id ID of the user. 907 907 * @param int $group_id ID of the group. 908 * @return bool908 * @return int 1 on success; 0 on failure. 909 909 */ 910 910 function groups_is_user_member( $user_id, $group_id ) { 911 911 return BP_Groups_Member::check_is_member( $user_id, $group_id ); … … 919 919 * @param int $user_id ID of the user. 920 920 * @param int $group_id ID of the group. 921 921 * 922 * @return bool 922 * @return int|null int 1 if user is banned; int 0 if user is not banned; 923 * null if user is not part of the group or if group doesn't exist. 923 924 */ 924 925 function groups_is_user_banned( $user_id, $group_id ) { 925 926 return BP_Groups_Member::check_is_banned( $user_id, $group_id ); … … 932 933 * 933 934 * @param int $user_id ID of the user. 934 935 * @param int $group_id ID of the group. 935 * @return bool936 * @return int|null int of group ID if user is the creator; null on failure. 936 937 */ 937 938 function groups_is_user_creator( $user_id, $group_id ) { 938 939 return BP_Groups_Member::check_is_creator( $user_id, $group_id ); … … 1336 1337 * @param int $group_id ID of potential group. 1337 1338 * @param string $type Optional. Use 'sent' to check for sent invites, 1338 1339 * 'all' to check for all. Default: 'sent'. 1339 * @return bool True if an invitation is found, otherwise false.1340 * @return int|null The ID of the invitation if found; null if not found. 1340 1341 */ 1341 1342 function groups_check_user_has_invite( $user_id, $group_id, $type = 'sent' ) { 1342 1343 return BP_Groups_Member::check_has_invite( $user_id, $group_id, $type ); … … 1684 1685 * 1685 1686 * @param int $user_id ID of the user. 1686 1687 * @param int $group_id ID of the group. 1687 * @return int|null ID of the membership if found, otherwise false.1688 * @return int|null ID of the membership if found, otherwise null. 1688 1689 */ 1689 1690 function groups_check_for_membership_request( $user_id, $group_id ) { 1690 1691 return BP_Groups_Member::check_for_membership_request( $user_id, $group_id ); -
src/bp-groups/classes/class-bp-groups-group.php
175 175 ) ); 176 176 177 177 if ( !empty( $id ) ) { 178 $this->id = $id;178 $this->id = (int) $id; 179 179 $this->populate(); 180 180 } 181 181 } … … 208 208 } 209 209 210 210 // Group found so setup the object variables. 211 $this->id = $group->id;212 $this->creator_id = $group->creator_id;211 $this->id = (int) $group->id; 212 $this->creator_id = (int) $group->creator_id; 213 213 $this->name = stripslashes( $group->name ); 214 214 $this->slug = $group->slug; 215 215 $this->description = stripslashes( $group->description ); 216 216 $this->status = $group->status; 217 $this->enable_forum = $group->enable_forum;217 $this->enable_forum = (int) $group->enable_forum; 218 218 $this->date_created = $group->date_created; 219 219 220 220 // Are we getting extra group data? … … 231 231 232 232 // Add admins and moderators to their respective arrays. 233 233 foreach ( (array) $admin_mods as $user ) { 234 $user->user_id = (int) $user->user_id; 235 $user->is_admin = (int) $user->is_admin; 236 $user->is_mod = (int) $user->is_mod; 237 234 238 if ( !empty( $user->is_admin ) ) { 235 239 $this->admins[] = $user; 236 240 } else { … … 241 245 // Set up some specific group vars from meta. Excluded 242 246 // from the bp_groups cache because it's cached independently. 243 247 $this->last_activity = groups_get_groupmeta( $this->id, 'last_activity' ); 244 $this->total_member_count = groups_get_groupmeta( $this->id, 'total_member_count' );248 $this->total_member_count = (int) groups_get_groupmeta( $this->id, 'total_member_count' ); 245 249 246 250 // Set user-specific data. 247 251 $user_id = bp_loggedin_user_id(); … … 435 439 * @param string $slug Slug to check. 436 440 * @param string|bool $table_name Optional. Name of the table to check 437 441 * against. Default: $bp->groups->table_name. 438 * @return string|null ID of the group, if one is found, else null.442 * @return int Group ID if found; null if not. 439 443 */ 440 444 public static function group_exists( $slug, $table_name = false ) { 441 445 global $wpdb; … … 446 450 if ( empty( $slug ) ) 447 451 return false; 448 452 449 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$table_name} WHERE slug = %s", strtolower( $slug ) ) ); 453 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$table_name} WHERE slug = %s", strtolower( $slug ) ) ); 454 455 return is_numeric( $query ) ? (int) $query : $query; 450 456 } 451 457 452 458 /** -
src/bp-groups/classes/class-bp-groups-member.php
185 185 $member = $wpdb->get_row($sql); 186 186 187 187 if ( !empty( $member ) ) { 188 $this->id = $member->id;189 $this->group_id = $member->group_id;190 $this->user_id = $member->user_id;191 $this->inviter_id = $member->inviter_id;192 $this->is_admin = $member->is_admin;193 $this->is_mod = $member->is_mod;194 $this->is_banned = $member->is_banned;188 $this->id = (int) $member->id; 189 $this->group_id = (int) $member->group_id; 190 $this->user_id = (int) $member->user_id; 191 $this->inviter_id = (int) $member->inviter_id; 192 $this->is_admin = (int) $member->is_admin; 193 $this->is_mod = (int) $member->is_mod; 194 $this->is_banned = (int) $member->is_banned; 195 195 $this->user_title = $member->user_title; 196 196 $this->date_modified = $member->date_modified; 197 $this->is_confirmed = $member->is_confirmed;197 $this->is_confirmed = (int) $member->is_confirmed; 198 198 $this->comments = $member->comments; 199 $this->invite_sent = $member->invite_sent;199 $this->invite_sent = (int) $member->invite_sent; 200 200 201 201 $this->user = new BP_Core_User( $this->user_id ); 202 202 } … … 786 786 * @param int $group_id ID of the group. 787 787 * @param string $type If 'sent', results are limited to those invitations 788 788 * that have actually been sent (non-draft). Default: 'sent'. 789 * @return int|null The ID of the invitation if found , otherwise null.789 * @return int|null The ID of the invitation if found; null if not found. 790 790 */ 791 791 public static function check_has_invite( $user_id, $group_id, $type = 'sent' ) { 792 792 global $wpdb; … … 800 800 if ( 'sent' == $type ) 801 801 $sql .= " AND invite_sent = 1"; 802 802 803 return $wpdb->get_var( $wpdb->prepare( $sql, $user_id, $group_id ) ); 803 $query = $wpdb->get_var( $wpdb->prepare( $sql, $user_id, $group_id ) ); 804 805 return is_numeric( $query ) ? (int) $query : $query; 804 806 } 805 807 806 808 /** … … 861 863 * 862 864 * @param int $user_id ID of the user. 863 865 * @param int $group_id ID of the group. 864 * @return mixed866 * @return int 1 on success; 0 on failure. 865 867 */ 866 868 public static function check_is_admin( $user_id, $group_id ) { 867 869 global $wpdb; … … 881 883 * 882 884 * @param int $user_id ID of the user. 883 885 * @param int $group_id ID of the group. 884 * @return mixed886 * @return int 1 on success; 0 on failure. 885 887 */ 886 888 public static function check_is_mod( $user_id, $group_id ) { 887 889 global $wpdb; … … 901 903 * 902 904 * @param int $user_id ID of the user. 903 905 * @param int $group_id ID of the group. 904 * @return mixed906 * @return int 1 on success; 0 on failure. 905 907 */ 906 908 public static function check_is_member( $user_id, $group_id ) { 907 909 global $wpdb; … … 921 923 * 922 924 * @param int $user_id ID of the user. 923 925 * @param int $group_id ID of the group. 924 * @return mixed 926 * @return int|null int 1 if user is banned; int 0 if user is not banned; 927 * null if user is not part of the group or if group doesn't exist. 925 928 */ 926 929 public static function check_is_banned( $user_id, $group_id ) { 927 930 global $wpdb; … … 931 934 932 935 $bp = buddypress(); 933 936 934 return $wpdb->get_var( $wpdb->prepare( "SELECT is_banned FROM {$bp->groups->table_name_members} WHERE user_id = %d AND group_id = %d", $user_id, $group_id ) ); 937 $query = $wpdb->get_var( $wpdb->prepare( "SELECT is_banned FROM {$bp->groups->table_name_members} WHERE user_id = %d AND group_id = %d", $user_id, $group_id ) ); 938 939 return is_numeric( $query ) ? (int) $query : $query; 935 940 } 936 941 937 942 /** … … 941 946 * 942 947 * @param int $user_id ID of the user. 943 948 * @param int $group_id ID of the group. 944 * @return int|null ID of the group if the user is the creator, 945 * otherwise false. 949 * @return int|null int of group ID if user is the creator; null on failure. 946 950 */ 947 951 public static function check_is_creator( $user_id, $group_id ) { 948 952 global $wpdb; … … 952 956 953 957 $bp = buddypress(); 954 958 955 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->groups->table_name} WHERE creator_id = %d AND id = %d", $user_id, $group_id ) ); 959 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->groups->table_name} WHERE creator_id = %d AND id = %d", $user_id, $group_id ) ); 960 961 return is_numeric( $query ) ? (int) $query : $query; 956 962 } 957 963 958 964 /** … … 962 968 * 963 969 * @param int $user_id ID of the user. 964 970 * @param int $group_id ID of the group. 965 * @return int |null ID of the membership if found, otherwise false.971 * @return int Database ID of the membership if found; int 0 on failure. 966 972 */ 967 973 public static function check_for_membership_request( $user_id, $group_id ) { 968 974 global $wpdb; … … 991 997 992 998 // If the user is logged in and viewing their random groups, we can show hidden and private groups. 993 999 if ( bp_is_my_profile() ) { 994 return $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT group_id FROM {$bp->groups->table_name_members} WHERE user_id = %d AND is_confirmed = 1 AND is_banned = 0 ORDER BY rand() LIMIT %d", $user_id, $total_groups) );1000 return array_map( 'intval', $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT group_id FROM {$bp->groups->table_name_members} WHERE user_id = %d AND is_confirmed = 1 AND is_banned = 0 ORDER BY rand() LIMIT %d", $user_id, $total_groups ) ) ); 995 1001 } else { 996 return $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT m.group_id FROM {$bp->groups->table_name_members} m, {$bp->groups->table_name} g WHERE m.group_id = g.id AND g.status != 'hidden' AND m.user_id = %d AND m.is_confirmed = 1 AND m.is_banned = 0 ORDER BY rand() LIMIT %d", $user_id, $total_groups) );1002 return array_map( 'intval', $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT m.group_id FROM {$bp->groups->table_name_members} m, {$bp->groups->table_name} g WHERE m.group_id = g.id AND g.status != 'hidden' AND m.user_id = %d AND m.is_confirmed = 1 AND m.is_banned = 0 ORDER BY rand() LIMIT %d", $user_id, $total_groups ) ) ); 997 1003 } 998 1004 } 999 1005 … … 1010 1016 1011 1017 $bp = buddypress(); 1012 1018 1013 return $wpdb->get_col( $wpdb->prepare( "SELECT user_id FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_confirmed = 1 AND is_banned = 0", $group_id) );1019 return array_map( 'intval', $wpdb->get_col( $wpdb->prepare( "SELECT user_id FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_confirmed = 1 AND is_banned = 0", $group_id ) ) ); 1014 1020 } 1015 1021 1016 1022 /** … … 1033 1039 wp_cache_set( $group_id, $group_admins, 'bp_group_admins' ); 1034 1040 } 1035 1041 1042 // Integer casting. 1043 foreach ( (array) $group_admins as $key => $data ) { 1044 $group_admins[ $key ]->user_id = (int) $group_admins[ $key ]->user_id; 1045 } 1046 1036 1047 return $group_admins; 1037 1048 } 1038 1049 … … 1049 1060 1050 1061 $bp = buddypress(); 1051 1062 1052 return $wpdb->get_results( $wpdb->prepare( "SELECT user_id, date_modified FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_mod = 1 AND is_banned = 0", $group_id ) ); 1063 $group_mods = $wpdb->get_results( $wpdb->prepare( "SELECT user_id, date_modified FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_mod = 1 AND is_banned = 0", $group_id ) ); 1064 1065 // Integer casting. 1066 foreach ( (array) $group_mods as $key => $data ) { 1067 $group_mods[ $key ]->user_id = (int) $group_mods[ $key ]->user_id; 1068 } 1069 1070 return $group_mods; 1053 1071 } 1054 1072 1055 1073 /** … … 1065 1083 1066 1084 $bp = buddypress(); 1067 1085 1068 return $wpdb->get_col( $wpdb->prepare( "SELECT user_id FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_confirmed = 0 AND inviter_id = 0", $group_id) );1086 return array_map( 'intval', $wpdb->get_col( $wpdb->prepare( "SELECT user_id FROM {$bp->groups->table_name_members} WHERE group_id = %d AND is_confirmed = 0 AND inviter_id = 0", $group_id ) ) ); 1069 1087 } 1070 1088 1071 1089 /** -
src/bp-messages/classes/class-bp-messages-message.php
88 88 $bp = buddypress(); 89 89 90 90 if ( $message = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$bp->messages->table_name_messages} WHERE id = %d", $id ) ) ) { 91 $this->id = $message->id;92 $this->thread_id = $message->thread_id;93 $this->sender_id = $message->sender_id;91 $this->id = (int) $message->id; 92 $this->thread_id = (int) $message->thread_id; 93 $this->sender_id = (int) $message->sender_id; 94 94 $this->subject = $message->subject; 95 95 $this->message = $message->message; 96 96 $this->date_sent = $message->date_sent; … … 220 220 221 221 $bp = buddypress(); 222 222 223 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->messages->table_name_messages} WHERE sender_id = %d AND thread_id = %d ORDER BY date_sent DESC LIMIT 1", bp_loggedin_user_id(), $thread_id ) ); 223 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->messages->table_name_messages} WHERE sender_id = %d AND thread_id = %d ORDER BY date_sent DESC LIMIT 1", bp_loggedin_user_id(), $thread_id ) ); 224 225 return is_numeric( $query ) ? (int) $query : $query; 224 226 } 225 227 226 228 /** … … 236 238 237 239 $bp = buddypress(); 238 240 239 return $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->messages->table_name_messages} WHERE sender_id = %d AND id = %d", $user_id, $message_id ) ); 241 $query = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$bp->messages->table_name_messages} WHERE sender_id = %d AND id = %d", $user_id, $message_id ) ); 242 243 return is_numeric( $query ) ? (int) $query : $query; 240 244 } 241 245 242 246 /** … … 250 254 251 255 $bp = buddypress(); 252 256 253 return $wpdb->get_var( $wpdb->prepare( "SELECT sender_id FROM {$bp->messages->table_name_messages} WHERE id = %d", $message_id ) ); 257 $query = $wpdb->get_var( $wpdb->prepare( "SELECT sender_id FROM {$bp->messages->table_name_messages} WHERE id = %d", $message_id ) ); 258 259 return is_numeric( $query ) ? (int) $query : $query; 254 260 } 255 261 } -
src/bp-messages/classes/class-bp-messages-notice.php
62 62 */ 63 63 public function __construct( $id = null ) { 64 64 if ( $id ) { 65 $this->id = $id;65 $this->id = (int) $id; 66 66 $this->populate(); 67 67 } 68 68 } … … 85 85 $this->subject = $notice->subject; 86 86 $this->message = $notice->message; 87 87 $this->date_sent = $notice->date_sent; 88 $this->is_active = $notice->is_active;88 $this->is_active = (int) $notice->is_active; 89 89 } 90 90 } 91 91 … … 232 232 233 233 $notices = $wpdb->get_results( "SELECT * FROM {$bp->messages->table_name_notices} ORDER BY date_sent DESC {$limit_sql}" ); 234 234 235 // Integer casting. 236 foreach ( (array) $notices as $key => $data ) { 237 $notices[ $key ]->id = (int) $notices[ $key ]->id; 238 $notices[ $key ]->is_active = (int) $notices[ $key ]->is_active; 239 } 240 235 241 return $notices; 236 242 } 237 243 -
src/bp-messages/classes/class-bp-messages-thread.php
254 254 wp_cache_set( 'thread_recipients_' . $thread_id, $recipients, 'bp_messages' ); 255 255 } 256 256 257 // Cast all items from the messages DB table as integers. 258 foreach ( (array) $recipients as $key => $data ) { 259 $recipients[ $key ] = (object) array_map( 'intval', (array) $data ); 260 } 261 257 262 /** 258 263 * Filters the recipients of a message thread. 259 264 * … … 291 296 wp_cache_set( $thread_id, (array) $messages, 'bp_messages_threads' ); 292 297 } 293 298 299 // Integer casting. 300 foreach ( $messages as $key => $data ) { 301 $messages[ $key ]->id = (int) $messages[ $key ]->id; 302 $messages[ $key ]->thread_id = (int) $messages[ $key ]->thread_id; 303 $messages[ $key ]->sender_id = (int) $messages[ $key ]->sender_id; 304 } 305 294 306 return $messages; 295 307 } 296 308 -
src/bp-notifications/classes/class-bp-notifications-notification.php
97 97 */ 98 98 public function __construct( $id = 0 ) { 99 99 if ( ! empty( $id ) ) { 100 $this->id = $id;100 $this->id = (int) $id; 101 101 $this->populate(); 102 102 } 103 103 } … … 188 188 189 189 // Setup the notification data. 190 190 if ( ! empty( $notification ) && ! is_wp_error( $notification ) ) { 191 $this->item_id = $notification->item_id;192 $this->secondary_item_id = $notification->secondary_item_id;193 $this->user_id = $notification->user_id;191 $this->item_id = (int) $notification->item_id; 192 $this->secondary_item_id = (int) $notification->secondary_item_id; 193 $this->user_id = (int) $notification->user_id; 194 194 $this->component_name = $notification->component_name; 195 195 $this->component_action = $notification->component_action; 196 196 $this->date_notified = $notification->date_notified; 197 $this->is_new = $notification->is_new;197 $this->is_new = (int) $notification->is_new; 198 198 } 199 199 } 200 200 … … 681 681 // Concatenate query parts. 682 682 $sql = "{$select_sql} {$from_sql} {$join_sql} {$where_sql} {$order_sql} {$pag_sql}"; 683 683 684 return $wpdb->get_results( $sql ); 684 // Query! 685 $results = $wpdb->get_results( $sql ); 686 687 // Integer casting. 688 foreach( (array) $results as $key => $data ) { 689 $results[ $key ]->id = (int) $results[ $key ]->id; 690 $results[ $key ]->user_id = (int) $results[ $key ]->user_id; 691 $results[ $key ]->item_id = (int) $results[ $key ]->item_id; 692 $results[ $key ]->secondary_item_id = (int) $results[ $key ]->secondary_item_id; 693 $results[ $key ]->is_new = (int) $results[ $key ]->is_new; 694 } 695 696 return $results; 685 697 } 686 698 687 699 /** … … 732 744 $sql = "{$select_sql} {$from_sql} {$join_sql} {$where_sql}"; 733 745 734 746 // Return the queried results. 735 return $wpdb->get_var( $sql );747 return (int) $wpdb->get_var( $sql ); 736 748 } 737 749 738 750 /** -
src/bp-xprofile/classes/class-bp-xprofile-field.php
260 260 $args = (array) $args; 261 261 } 262 262 263 $int_fields = array( 264 'id', 'is_required', 'group_id', 'parent_id', 'is_default_option', 265 'field_order', 'option_order', 'can_delete' 266 ); 267 263 268 foreach ( $args as $k => $v ) { 264 269 if ( 'name' === $k || 'description' === $k ) { 265 270 $v = stripslashes( $v ); 266 271 } 272 273 // Cast numeric strings as integers. 274 if ( true === in_array( $k, $int_fields ) ) { 275 $v = (int) $v; 276 } 277 267 278 $this->{$k} = $v; 268 279 } 269 280 … … 892 903 * @global object $wpdb 893 904 * 894 905 * @param string $field_name Name of the field to query the ID for. 895 * @return boolean906 * @return int|null Field ID on success; null on failure. 896 907 */ 897 908 public static function get_id_from_name( $field_name = '' ) { 898 909 global $wpdb; … … 905 916 906 917 $sql = $wpdb->prepare( "SELECT id FROM {$bp->profile->table_name_fields} WHERE name = %s AND parent_id = 0", $field_name ); 907 918 908 return $wpdb->get_var( $sql ); 919 $query = $wpdb->get_var( $sql ); 920 921 return is_numeric( $query ) ? (int) $query : $query; 909 922 } 910 923 911 924 /** -
src/bp-xprofile/classes/class-bp-xprofile-group.php
466 466 467 467 // Merge the field array back in with the group array. 468 468 foreach( (array) $groups as $group ) { 469 470 469 // Indexes may have been shifted after previous deletions, so we get a 471 470 // fresh one each time through the loop. 472 471 $index = array_search( $group, $groups ); … … 555 554 } 556 555 } 557 556 557 // Integer casting. 558 foreach ( (array) $groups as $key => $data ) { 559 $groups[ $key ]->id = (int) $groups[ $key ]->id; 560 $groups[ $key ]->group_order = (int) $groups[ $key ]->group_order; 561 $groups[ $key ]->can_delete = (int) $groups[ $key ]->can_delete; 562 } 563 558 564 // Reset indexes & return. 559 565 return array_values( $groups ); 560 566 } -
src/bp-xprofile/classes/class-bp-xprofile-profiledata.php
88 88 } 89 89 90 90 if ( $profiledata ) { 91 $this->id = $profiledata->id;92 $this->user_id = $profiledata->user_id;93 $this->field_id = $profiledata->field_id;91 $this->id = (int) $profiledata->id; 92 $this->user_id = (int) $profiledata->user_id; 93 $this->field_id = (int) $profiledata->field_id; 94 94 $this->value = stripslashes( $profiledata->value ); 95 95 $this->last_updated = $profiledata->last_updated; 96 96 97 97 } else { 98 98 // When no row is found, we'll need to set these properties manually. 99 $this->field_id = $field_id;100 $this->user_id = $user_id;99 $this->field_id = (int) $field_id; 100 $this->user_id = (int) $user_id; 101 101 } 102 102 } 103 103 … … 317 317 $data[] = wp_cache_get( $cache_key, 'bp_xprofile_data' ); 318 318 } 319 319 320 // Integer casting. 321 foreach ( (array) $data as $key => $d ) { 322 if ( isset( $data[ $key ]->id ) ) { 323 $data[ $key ]->id = (int) $data[ $key ]->id; 324 } 325 if ( isset( $data[ $key ]->user_id ) ) { 326 $data[ $key ]->user_id = (int) $data[ $key ]->user_id; 327 } 328 329 $data[ $key ]->field_id = (int) $data[ $key ]->field_id; 330 } 331 320 332 return $data; 321 333 } 322 334 … … 390 402 } 391 403 } 392 404 393 return $fielddata_id;405 return (int) $fielddata_id; 394 406 } 395 407 396 408 /** … … 465 477 $data[] = wp_cache_get( $cache_key, 'bp_xprofile_data' ); 466 478 } 467 479 480 // Integer casting. 481 foreach ( (array) $data as $key => $d ) { 482 if ( isset( $data[ $key ]->id ) ) { 483 $data[ $key ]->id = (int) $data[ $key ]->id; 484 } 485 if ( isset( $data[ $key ]->user_id ) ) { 486 $data[ $key ]->user_id = (int) $data[ $key ]->user_id; 487 } 488 489 $data[ $key ]->field_id = (int) $data[ $key ]->field_id; 490 } 491 468 492 // If a single ID was passed, just return the value. 469 493 if ( $is_single ) { 470 494 return $data[0]->value;