]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-admin/includes/export.php
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Wordpress 2.6.2
[autoinstalls/wordpress.git] / wp-admin / includes / export.php
diff --git a/wp-admin/includes/export.php b/wp-admin/includes/export.php
index 96239af92120c4ed37fbed9055bbba8443b732a8..00201fab764d67b50829ade6e542a04598ba9a79 100644 (file)
--- a/wp-admin/includes/export.php
+++ b/wp-admin/includes/export.php
@@ -17,7 +17,7 @@ header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true);
 $where = '';
 if ( $author and $author != 'all' ) {
        $author_id = (int) $author;
-       $where = " WHERE post_author = '$author_id' ";
+       $where = $wpdb->prepare(" WHERE post_author = %d ", $author_id);
 }
 
 // grab a snapshot of post IDs, just in case it changes during the export
@@ -201,6 +201,7 @@ echo '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n";
 <guid isPermaLink="false"><?php the_guid(); ?></guid>
 <description></description>
 <content:encoded><?php echo wxr_cdata( apply_filters('the_content_export', $post->post_content) ); ?></content:encoded>
+<excerpt:encoded><?php echo wxr_cdata( apply_filters('the_excerpt_export', $post->post_excerpt) ); ?></excerpt:encoded>
 <wp:post_id><?php echo $post->ID; ?></wp:post_id>
 <wp:post_date><?php echo $post->post_date; ?></wp:post_date>
 <wp:post_date_gmt><?php echo $post->post_date_gmt; ?></wp:post_date_gmt>
@@ -217,7 +218,7 @@ if ($post->post_type == 'attachment') { ?>
 <wp:attachment_url><?php echo wp_get_attachment_url($post->ID); ?></wp:attachment_url>
 <?php } ?>
 <?php
-$postmeta = $wpdb->get_results("SELECT * FROM $wpdb->postmeta WHERE post_id = $post->ID");
+$postmeta = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->postmeta WHERE post_id = %d", $post->ID) );
 if ( $postmeta ) {
 ?>
 <?php foreach( $postmeta as $meta ) { ?>
@@ -228,7 +229,7 @@ if ( $postmeta ) {
 <?php } ?>
 <?php } ?>
 <?php
-$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post->ID");
+$comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d", $post->ID) );
 if ( $comments ) { foreach ( $comments as $c ) { ?>
 <wp:comment>
 <wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
@@ -252,4 +253,4 @@ if ( $comments ) { foreach ( $comments as $c ) { ?>
 <?php
 }
 
-?>
\ No newline at end of file
+?>
WordPress autoinstaller for phpBB