Changeset 7025
- Timestamp:
- 05/08/2013 08:31:14 PM (12 years ago)
- Location:
- branches/1.7/bp-core
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/1.7/bp-core/bp-core-cache.php
r6752 r7025 93 93 } 94 94 95 if ( !is_array( $object_ids ) ) { 96 $object_ids = preg_replace( '|[^0-9,]|', '', $object_ids ); 97 $object_ids = explode( ',', $object_ids ); 98 } 99 100 $object_ids = array_map( 'intval', $object_ids ); 95 $object_ids = wp_parse_id_list( $object_ids ); 101 96 102 97 $cache = array(); -
branches/1.7/bp-core/bp-core-classes.php
r7016 r7025 302 302 if ( empty( $include ) && ! empty( $user_id ) && bp_is_active( 'friends' ) ) { 303 303 $friend_ids = friends_get_friend_user_ids( $user_id ); 304 $friend_ids = $wpdb->escape( implode( ',', (array)$friend_ids ) );304 $friend_ids = implode( ',', wp_parse_id_list( $friend_ids ) ); 305 305 306 306 if ( ! empty( $friend_ids ) ) { … … 804 804 805 805 if ( !empty( $exclude ) ) { 806 $exclude = implode( ',', wp_parse_id_list( $exclude ) ); 806 807 $sql['where_exclude'] = "AND u.ID NOT IN ({$exclude})"; 807 808 } … … 813 814 } else { 814 815 if ( !empty( $include ) ) { 815 if ( is_array( $include ) ) { 816 $uids = $wpdb->escape( implode( ',', (array) $include ) ); 817 } else { 818 $uids = $wpdb->escape( $include ); 819 } 820 821 if ( !empty( $uids ) ) { 822 $sql['where_users'] = "AND u.ID IN ({$uids})"; 823 } 816 $include = implode( ',', wp_parse_id_list( $include ) ); 817 $sql['where_users'] = "AND u.ID IN ({$include})"; 824 818 } elseif ( !empty( $user_id ) && bp_is_active( 'friends' ) ) { 825 819 $friend_ids = friends_get_friend_user_ids( $user_id ); 826 $friend_ids = $wpdb->escape( implode( ',', (array) $friend_ids ) );827 820 828 821 if ( !empty( $friend_ids ) ) { 822 $friend_ids = implode( ',', wp_parse_id_list( $friend_ids ) ); 829 823 $sql['where_friends'] = "AND u.ID IN ({$friend_ids})"; 830 824 … … 912 906 } 913 907 914 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) );915 916 908 // Add additional data to the returned results 917 909 $paged_users = BP_Core_User::get_user_extras( $paged_users, $user_ids, $type ); … … 958 950 959 951 if ( !empty( $exclude ) ) { 960 $exclude = wp_parse_id_list( $r['exclude'] ); 961 $exclude = $wpdb->escape( implode( ',', $exclude ) ); 952 $exclude = implode( ',', wp_parse_id_list( $r['exclude'] ) ); 962 953 $exclude_sql = " AND u.id NOT IN ({$exclude})"; 963 954 } else { … … 980 971 $user_ids = array(); 981 972 foreach ( (array) $paged_users as $user ) 982 $user_ids[] = $user->id; 983 984 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) ); 973 $user_ids[] = (int) $user->id; 985 974 986 975 // Add additional data to the returned results … … 1010 999 $pag_sql = $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit), intval( $limit ) ); 1011 1000 1001 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 1012 1002 $status_sql = bp_core_get_status_sql(); 1013 1003 1014 $total_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT COUNT(DISTINCT ID) FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ( " . $wpdb->escape( $user_ids ) . " )" );1015 $paged_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT DISTINCT ID as id, user_registered, user_nicename, user_login, user_email FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ( " . $wpdb->escape( $user_ids ) . ") {$pag_sql}" );1004 $total_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT COUNT(DISTINCT ID) FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ({$user_ids})" ); 1005 $paged_users_sql = apply_filters( 'bp_core_get_specific_users_count_sql', "SELECT DISTINCT ID as id, user_registered, user_nicename, user_login, user_email FROM {$wpdb->users} WHERE {$status_sql} AND ID IN ({$user_ids}) {$pag_sql}" ); 1016 1006 1017 1007 $total_users = $wpdb->get_var( $total_users_sql ); … … 1068 1058 $user_ids[] = $user->id; 1069 1059 1070 $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) );1071 1072 1060 // Add additional data to the returned results 1073 1061 if ( $populate_extras ) … … 1095 1083 if ( empty( $user_ids ) ) 1096 1084 return $paged_users; 1085 1086 // Sanitize user IDs 1087 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 1097 1088 1098 1089 // Fetch the user's full name -
branches/1.7/bp-core/bp-core-filters.php
r6827 r7025 131 131 return $comments; 132 132 133 $user_ids = implode( ',', $user_ids);133 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 134 134 135 135 if ( !$userdata = $wpdb->get_results( "SELECT ID as user_id, user_login, user_nicename FROM {$wpdb->users} WHERE ID IN ({$user_ids})" ) ) -
branches/1.7/bp-core/bp-core-functions.php
r6771 r7025 142 142 // from the current blog 143 143 $posts_table_name = bp_is_multiblog_mode() ? $wpdb->posts : $wpdb->get_blog_prefix( bp_get_root_blog_id() ) . 'posts'; 144 $page_ids_sql = implode( ',', (array) $page_ids);144 $page_ids_sql = implode( ',', wp_parse_id_list( $page_ids ) ); 145 145 $page_names = $wpdb->get_results( "SELECT ID, post_name, post_parent, post_title FROM {$posts_table_name} WHERE ID IN ({$page_ids_sql}) AND post_status = 'publish' " ); 146 146
Note: See TracChangeset
for help on using the changeset viewer.