Changeset 7024
- Timestamp:
- 05/08/2013 08:27:22 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 4 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-core/bp-core-cache.php
r6752 r7024 93 93 } 94 94 95 if ( !is_array( $object_ids ) ) { 96 $object_ids = preg_replace( '|[^0-9,]|', '', $object_ids ); 97 $object_ids = explode( ',', $object_ids ); 98 } 99 100 $object_ids = array_map( 'intval', $object_ids ); 95 $object_ids = wp_parse_id_list( $object_ids ); 101 96 102 97 $cache = array(); -
trunk/bp-core/bp-core-classes.php
r7017 r7024 300 300 if ( ! empty( $user_id ) && bp_is_active( 'friends' ) ) { 301 301 $friend_ids = friends_get_friend_user_ids( $user_id ); 302 $friend_ids = $wpdb->escape( implode( ',', (array)$friend_ids ) );302 $friend_ids = implode( ',', wp_parse_id_list( $friend_ids ) ); 303 303 304 304 if ( ! empty( $friend_ids ) ) { … … 806 806 807 807 if ( !empty( $exclude ) ) { 808 $exclude = implode( ',', wp_parse_id_list( $exclude ) ); 808 809 $sql['where_exclude'] = "AND u.ID NOT IN ({$exclude})"; 809 810 } … … 815 816 } else { 816 817 if ( !empty( $include ) ) { 817 if ( is_array( $include ) ) { 818 $uids = $wpdb->escape( implode( ',', (array) $include ) ); 819 } else { 820 $uids = $wpdb->escape( $include ); 821 } 822 823 if ( !empty( $uids ) ) { 824 $sql['where_users'] = "AND u.ID IN ({$uids})"; 825 } 818 $include = implode( ',', wp_parse_id_list( $include ) ); 819 $sql['where_users'] = "AND u.ID IN ({$include})"; 826 820 } elseif ( !empty( $user_id ) && bp_is_active( 'friends' ) ) { 827 821 $friend_ids = friends_get_friend_user_ids( $user_id ); 828 $friend_ids = $wpdb->escape( implode( ',', (array) $friend_ids ) );829 822 830 823 if ( !empty( $friend_ids ) ) { 824 $friend_ids = implode( ',', wp_parse_id_list( $friend_ids ) ); 831 825 $sql['where_friends'] = "AND u.ID IN ({$friend_ids})"; 832 826 … … 914 908 } 915 909 916 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) );917 918 910 // Add additional data to the returned results 919 911 $paged_users = BP_Core_User::get_user_extras( $paged_users, $user_ids, $type ); … … 960 952 961 953 if ( !empty( $exclude ) ) { 962 $exclude = wp_parse_id_list( $r['exclude'] ); 963 $exclude = $wpdb->escape( implode( ',', $exclude ) ); 954 $exclude = implode( ',', wp_parse_id_list( $r['exclude'] ) ); 964 955 $exclude_sql = " AND u.id NOT IN ({$exclude})"; 965 956 } else { … … 982 973 $user_ids = array(); 983 974 foreach ( (array) $paged_users as $user ) 984 $user_ids[] = $user->id; 985 986 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) ); 975 $user_ids[] = (int) $user->id; 987 976 988 977 // Add additional data to the returned results … … 1012 1001 $pag_sql = $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit), intval( $limit ) ); 1013 1002 1003 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 1014 1004 $status_sql = bp_core_get_status_sql(); 1015 1005 1016 $total_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT COUNT(DISTINCT ID) FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ( " . $wpdb->escape( $user_ids ) . " )" );1017 $paged_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT DISTINCT ID as id, user_registered, user_nicename, user_login, user_email FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ( " . $wpdb->escape( $user_ids ) . ") {$pag_sql}" );1006 $total_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT COUNT(DISTINCT ID) FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ({$user_ids})" ); 1007 $paged_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT DISTINCT ID as id, user_registered, user_nicename, user_login, user_email FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ({$user_ids}) {$pag_sql}" ); 1018 1008 1019 1009 $total_users = $wpdb->get_var( $total_users_sql ); … … 1070 1060 $user_ids[] = $user->id; 1071 1061 1072 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) );1073 1074 1062 // Add additional data to the returned results 1075 1063 if ( $populate_extras ) … … 1097 1085 if ( empty( $user_ids ) ) 1098 1086 return $paged_users; 1087 1088 // Sanitize user IDs 1089 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 1099 1090 1100 1091 // Fetch the user's full name -
trunk/bp-core/bp-core-filters.php
r6827 r7024 131 131 return $comments; 132 132 133 $user_ids = implode( ',', $user_ids);133 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 134 134 135 135 if ( !$userdata = $wpdb->get_results( "SELECT ID as user_id, user_login, user_nicename FROM {$wpdb->users} WHERE ID IN ({$user_ids})" ) ) -
trunk/bp-core/bp-core-functions.php
r6771 r7024 142 142 // from the current blog 143 143 $posts_table_name = bp_is_multiblog_mode() ? $wpdb->posts : $wpdb->get_blog_prefix( bp_get_root_blog_id() ) . 'posts'; 144 $page_ids_sql = implode( ',', (array) $page_ids);144 $page_ids_sql = implode( ',', wp_parse_id_list( $page_ids ) ); 145 145 $page_names = $wpdb->get_results( "SELECT ID, post_name, post_parent, post_title FROM {$posts_table_name} WHERE ID IN ({$page_ids_sql}) AND post_status = 'publish' " ); 146 146 -
trunk/tests/testcases/core/class-bp-user-query.php
r7022 r7024 4 4 * @group core 5 5 */ 6 class BP_Tests_ Core_Classes extends BP_UnitTestCase {6 class BP_Tests_BP_User_Query_TestCases extends BP_UnitTestCase { 7 7 protected $old_current_user = 0; 8 8 … … 148 148 149 149 $this->assertEquals( $user_id, $found_user_id ); 150 151 150 } 152 153 151 }
Note: See TracChangeset
for help on using the changeset viewer.