Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
05/16/2011 10:41:52 PM (13 years ago)
Author:
boonebgorges
Message:

Additional bp_get_user_meta_key() applications in query classes, plus wpdb->prepare() cleanup. References #2952. Props nacin.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-core/bp-core-classes.php

    r4378 r4380  
    149149
    150150        if ( 'popular' == $type )
    151             $sql['where_popular'] = "AND um.meta_key = 'total_friend_count'";
     151            $sql['where_popular'] = $wpdb->prepare( "AND um.meta_key = %s", bp_get_user_meta_key( 'total_friend_count' ) );
    152152
    153153        if ( 'online' == $type )
     
    390390        // Fetch the user's total friend count
    391391        if ( 'popular' != $type ) {
    392             $friend_count = $wpdb->get_results( "SELECT user_id as id, meta_value as total_friend_count FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = 'total_friend_count' AND user_id IN ( {$user_ids} )" );
     392            $friend_count = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as total_friend_count FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'total_friend_count' ) ) );
    393393            for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    394394                foreach ( (array)$friend_count as $count ) {
     
    411411
    412412        if ( 'active' != $type ) {
    413             $user_activity = $wpdb->get_results( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'last_activity' ) . "' AND user_id IN ( {$user_ids} )" );
     413            $user_activity = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'last_activity' ) ) );
    414414            for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    415415                foreach ( (array)$user_activity as $activity ) {
     
    422422        // Fetch the user's last_activity
    423423        if ( 'active' != $type ) {
    424             $user_activity = $wpdb->get_results( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'last_activity' ) . "' AND user_id IN ( {$user_ids} )" );
     424            $user_activity = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as last_activity FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'last_activity' ) ) );
    425425            for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    426426                foreach ( (array)$user_activity as $activity ) {
     
    432432
    433433        // Fetch the user's latest update
    434         $user_update = $wpdb->get_results( "SELECT user_id as id, meta_value as latest_update FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = '" . bp_get_user_meta_key( 'bp_latest_update' ) . "' AND user_id IN ( {$user_ids} )" );
     434        $user_update = $wpdb->get_results( $wpdb->prepare( "SELECT user_id as id, meta_value as latest_update FROM " . CUSTOM_USER_META_TABLE . " WHERE meta_key = %s AND user_id IN ( {$user_ids} )", bp_get_user_meta_key( 'bp_latest_update' ) ) );
    435435        for ( $i = 0; $i < count( $paged_users ); $i++ ) {
    436436            foreach ( (array)$user_update as $update ) {
Note: See TracChangeset for help on using the changeset viewer.