Skip to:
Content

BuddyPress.org

Changeset 3345


Ignore:
Timestamp:
11/03/2010 10:54:05 PM (11 years ago)
Author:
mrmaz
Message:

fixes #2098, IN operator is better than OR

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-activity/bp-activity-classes.php

    r3300 r3345  
    437437    }
    438438
     439    function get_in_operator_sql( $field, $items ) {
     440        global $wpdb;
     441
     442        // split items at the comma
     443        $items_dirty = explode( ',', $items );
     444
     445        // array of prepared integers or quoted strings
     446        $items_prepared = array();
     447       
     448        // clean up and format each item
     449        foreach ( $items_dirty as $item ) {
     450            // clean up the string
     451            $item = trim( $item );
     452            // pass everything through prepare for security and to safely quote strings
     453            $items_prepared[] = ( is_numeric( $item ) ) ? $wpdb->prepare( '%d', $item ) : $wpdb->prepare( '%s', $item );
     454        }
     455
     456        // build IN operator sql syntax
     457        if ( count( $items_prepared ) )
     458            return sprintf( '%s IN ( %s )', trim( $field ), implode( ',', $items_prepared ) );
     459        else
     460            return false;
     461    }
     462
    439463    function get_filter_sql( $filter_array ) {
    440464        global $wpdb;
    441465
    442466        if ( !empty( $filter_array['user_id'] ) ) {
    443             $user_filter = explode( ',', $filter_array['user_id'] );
    444             $user_sql = ' ( a.user_id IN ( ' . $filter_array['user_id'] . ' ) )';
    445             $filter_sql[] = $user_sql;
     467            $user_sql = BP_Activity_Activity::get_in_operator_sql( 'a.user_id', $filter_array['user_id'] );
     468            if ( !empty( $user_sql ) )
     469                $filter_sql[] = $user_sql;
    446470        }
    447471
    448472        if ( !empty( $filter_array['object'] ) ) {
    449             $object_filter = explode( ',', $filter_array['object'] );
    450             $object_sql = ' ( ';
    451 
    452             $counter = 1;
    453             foreach( (array) $object_filter as $object ) {
    454                 $object_sql .= $wpdb->prepare( "a.component = %s", trim( $object ) );
    455 
    456                 if ( $counter != count( $object_filter ) )
    457                     $object_sql .= ' || ';
    458 
    459                 $counter++;
    460             }
    461 
    462             $object_sql .= ' )';
    463             $filter_sql[] = $object_sql;
     473            $object_sql = BP_Activity_Activity::get_in_operator_sql( 'a.component', $filter_array['object'] );
     474            if ( !empty( $object_sql ) )
     475                $filter_sql[] = $object_sql;
    464476        }
    465477
    466478        if ( !empty( $filter_array['action'] ) ) {
    467             $action_filter = explode( ',', $filter_array['action'] );
    468             $action_sql = ' ( ';
    469 
    470             $counter = 1;
    471             foreach( (array) $action_filter as $action ) {
    472                 $action_sql .= $wpdb->prepare( "a.type = %s", trim( $action ) );
    473 
    474                 if ( $counter != count( $action_filter ) )
    475                     $action_sql .= ' || ';
    476 
    477                 $counter++;
    478             }
    479 
    480             $action_sql .= ' )';
    481             $filter_sql[] = $action_sql;
     479            $action_sql = BP_Activity_Activity::get_in_operator_sql( 'a.type', $filter_array['action'] );
     480            if ( !empty( $action_sql ) )
     481                $filter_sql[] = $action_sql;
    482482        }
    483483
    484484        if ( !empty( $filter_array['primary_id'] ) ) {
    485             $pid_filter = explode( ',', $filter_array['primary_id'] );
    486             $pid_sql = ' ( ';
    487 
    488             $counter = 1;
    489             foreach( (array) $pid_filter as $pid ) {
    490                 $pid_sql .= $wpdb->prepare( "a.item_id = %s", trim( $pid ) );
    491 
    492                 if ( $counter != count( $pid_filter ) )
    493                     $pid_sql .= ' || ';
    494 
    495                 $counter++;
    496             }
    497 
    498             $pid_sql .= ' )';
    499             $filter_sql[] = $pid_sql;
     485            $pid_sql = BP_Activity_Activity::get_in_operator_sql( 'a.item_id', $filter_array['primary_id'] );
     486            if ( !empty( $pid_sql ) )
     487                $filter_sql[] = $pid_sql;
    500488        }
    501489
    502490        if ( !empty( $filter_array['secondary_id'] ) ) {
    503             $sid_filter = explode( ',', $filter_array['secondary_id'] );
    504             $sid_sql = ' ( ';
    505 
    506             $counter = 1;
    507             foreach( (array) $sid_filter as $sid ) {
    508                 $sid_sql .= $wpdb->prepare( "a.secondary_item_id = %s", trim( $sid ) );
    509 
    510                 if ( $counter != count( $sid_filter ) )
    511                     $sid_sql .= ' || ';
    512 
    513                 $counter++;
    514             }
    515 
    516             $sid_sql .= ' )';
    517             $filter_sql[] = $sid_sql;
     491            $sid_sql = BP_Activity_Activity::get_in_operator_sql( 'a.secondary_item_id', $filter_array['secondary_id'] );
     492            if ( !empty( $sid_sql ) )
     493                $filter_sql[] = $sid_sql;
    518494        }
    519495
Note: See TracChangeset for help on using the changeset viewer.