'error'
, 'm'
, 'p'
+ , 'post_parent'
, 'subpost'
, 'subpost_id'
, 'attachment'
, 'tb'
, 'paged'
, 'comments_popup'
+ , 'meta_key'
+ , 'meta_value'
, 'preview'
);
$array[$key] = '';
}
- $array_keys = array('category__in', 'category__not_in', 'category__and',
+ $array_keys = array('category__in', 'category__not_in', 'category__and', 'post__in', 'post__not_in',
'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and');
foreach ( $array_keys as $key ) {
if ( ! empty($qv['robots']) )
$this->is_robots = true;
- $qv['p'] = (int) $qv['p'];
- $qv['page_id'] = (int) $qv['page_id'];
- $qv['year'] = (int) $qv['year'];
- $qv['monthnum'] = (int) $qv['monthnum'];
- $qv['day'] = (int) $qv['day'];
- $qv['w'] = (int) $qv['w'];
- $qv['m'] = (int) $qv['m'];
+ $qv['p'] = absint($qv['p']);
+ $qv['page_id'] = absint($qv['page_id']);
+ $qv['year'] = absint($qv['year']);
+ $qv['monthnum'] = absint($qv['monthnum']);
+ $qv['day'] = absint($qv['day']);
+ $qv['w'] = absint($qv['w']);
+ $qv['m'] = absint($qv['m']);
$qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // comma separated list of positive or negative integers
- if ( '' !== $qv['hour'] ) $qv['hour'] = (int) $qv['hour'];
- if ( '' !== $qv['minute'] ) $qv['minute'] = (int) $qv['minute'];
- if ( '' !== $qv['second'] ) $qv['second'] = (int) $qv['second'];
+ if ( '' !== $qv['hour'] ) $qv['hour'] = absint($qv['hour']);
+ if ( '' !== $qv['minute'] ) $qv['minute'] = absint($qv['minute']);
+ if ( '' !== $qv['second'] ) $qv['second'] = absint($qv['second']);
// Compat. Map subpost to attachment.
if ( '' != $qv['subpost'] )
if ( '' != $qv['subpost_id'] )
$qv['attachment_id'] = $qv['subpost_id'];
- $qv['attachment_id'] = (int) $qv['attachment_id'];
+ $qv['attachment_id'] = absint($qv['attachment_id']);
if ( ('' != $qv['attachment']) || !empty($qv['attachment_id']) ) {
$this->is_single = true;
if ( !is_array($qv['category__in']) || empty($qv['category__in']) ) {
$qv['category__in'] = array();
} else {
- $qv['category__in'] = array_map('intval', $qv['category__in']);
+ $qv['category__in'] = array_map('absint', $qv['category__in']);
$this->is_category = true;
}
if ( !is_array($qv['category__not_in']) || empty($qv['category__not_in']) ) {
$qv['category__not_in'] = array();
} else {
- $qv['category__not_in'] = array_map('intval', $qv['category__not_in']);
+ $qv['category__not_in'] = array_map('absint', $qv['category__not_in']);
}
if ( !is_array($qv['category__and']) || empty($qv['category__and']) ) {
$qv['category__and'] = array();
} else {
- $qv['category__and'] = array_map('intval', $qv['category__and']);
+ $qv['category__and'] = array_map('absint', $qv['category__and']);
$this->is_category = true;
}
if ( '' != $qv['tag'] )
$this->is_tag = true;
- $qv['tag_id'] = (int) $qv['tag_id'];
+ $qv['tag_id'] = absint($qv['tag_id']);
if ( !empty($qv['tag_id']) )
$this->is_tag = true;
if ( !is_array($qv['tag__in']) || empty($qv['tag__in']) ) {
$qv['tag__in'] = array();
} else {
- $qv['tag__in'] = array_map('intval', $qv['tag__in']);
+ $qv['tag__in'] = array_map('absint', $qv['tag__in']);
$this->is_tag = true;
}
if ( !is_array($qv['tag__not_in']) || empty($qv['tag__not_in']) ) {
$qv['tag__not_in'] = array();
} else {
- $qv['tag__not_in'] = array_map('intval', $qv['tag__not_in']);
+ $qv['tag__not_in'] = array_map('absint', $qv['tag__not_in']);
}
if ( !is_array($qv['tag__and']) || empty($qv['tag__and']) ) {
$qv['tag__and'] = array();
} else {
- $qv['tag__and'] = array_map('intval', $qv['tag__and']);
+ $qv['tag__and'] = array_map('absint', $qv['tag__and']);
$this->is_category = true;
}
$qv['post_type'] = sanitize_user($qv['post_type'], true);
if ( !empty($qv['post_status']) )
- $qv['post_status'] = sanitize_user($qv['post_status'], true);
+ $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
- if ( $this->is_posts_page && !$qv['withcomments'] )
+ if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
$this->is_comment_feed = false;
$this->is_singular = $this->is_single || $this->is_page || $this->is_attachment;
$join = '';
$search = '';
$groupby = '';
+ $fields = "$wpdb->posts.*";
$post_status_join = false;
+ $page = 1;
+
+ if ( !isset($q['suppress_filters']) )
+ $q['suppress_filters'] = false;
if ( !isset($q['post_type']) ) {
if ( $this->is_search )
if (isset($q['page'])) {
$q['page'] = trim($q['page'], '/');
- $q['page'] = (int) $q['page'];
- $q['page'] = abs($q['page']);
+ $q['page'] = absint($q['page']);
}
// If a month is specified in the querystring, load that month
$reqpage = 0;
}
- if ( ('page' != get_option('show_on_front') ) || ( $reqpage != get_option('page_for_posts') ) ) {
+ $page_for_posts = get_option('page_for_posts');
+ if ( ('page' != get_option('show_on_front') ) || empty($page_for_posts) || ( $reqpage != $page_for_posts ) ) {
$q['pagename'] = str_replace('%2F', '/', urlencode(urldecode($q['pagename'])));
$page_paths = '/' . trim($q['pagename'], '/');
$q['pagename'] = sanitize_title(basename($page_paths));
$q['name'] = $q['pagename'];
- $where .= " AND (ID = '$reqpage')";
+ $where .= " AND ($wpdb->posts.ID = '$reqpage')";
$reqpage_obj = get_page($reqpage);
if ( 'attachment' == $reqpage_obj->post_type ) {
$this->is_attachment = true;
$where .= " AND WEEK($wpdb->posts.post_date, 1)='" . $q['w'] . "'";
if ( intval($q['comments_popup']) )
- $q['p'] = intval($q['comments_popup']);
+ $q['p'] = absint($q['comments_popup']);
// If an attachment is requested by number, let it supercede any post number.
if ( $q['attachment_id'] )
- $q['p'] = $q['attachment_id'];
+ $q['p'] = absint($q['attachment_id']);
// If a post number is specified, load that post
- if ( $q['p'] )
- $where = " AND {$wpdb->posts}.ID = " . $q['p'];
+ if ( $q['p'] ) {
+ $where .= " AND {$wpdb->posts}.ID = " . $q['p'];
+ } elseif ( $q['post__in'] ) {
+ $post__in = implode(',', array_map( 'absint', $q['post__in'] ));
+ $where .= " AND {$wpdb->posts}.ID IN ($post__in)";
+ } elseif ( $q['post__not_in'] ) {
+ $post__not_in = implode(',', array_map( 'absint', $q['post__not_in'] ));
+ $where .= " AND {$wpdb->posts}.ID NOT IN ($post__not_in)";
+ }
+
+ if ( $q['post_parent'] )
+ $where .= $wpdb->prepare( " AND $wpdb->posts.post_parent = %d ", $q['post_parent'] );
if ( $q['page_id'] ) {
if ( ('page' != get_option('show_on_front') ) || ( $q['page_id'] != get_option('page_for_posts') ) ) {
$whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'post_tag' ";
$include_tags = "'" . implode("', '", $q['tag_slug__in']) . "'";
$whichcat .= " AND $wpdb->terms.slug IN ($include_tags) ";
- $reqtag = is_term( $q['tag_slug__in'][0], 'post_tag' );
+ $reqtag = get_term_by( 'slug', $q['tag_slug__in'][0], 'post_tag' );
if ( !empty($reqtag) )
- $q['tag_id'] = $reqtag['term_id'];
+ $q['tag_id'] = $reqtag->term_id;
}
if ( !empty($q['tag__not_in']) ) {
$eq = '!=';
$andor = 'AND';
$q['author'] = explode('-', $q['author']);
- $q['author'] = ''.intval($q['author'][1]);
+ $q['author'] = '' . absint($q['author'][1]);
} else {
$eq = '=';
$andor = 'OR';
}
$author_array = preg_split('/[,\s]+/', $q['author']);
- $whichauthor .= " AND ($wpdb->posts.post_author ".$eq.' '.intval($author_array[0]);
+ $whichauthor .= " AND ($wpdb->posts.post_author ".$eq.' '.absint($author_array[0]);
for ($i = 1; $i < (count($author_array)); $i = $i + 1) {
- $whichauthor .= ' '.$andor." $wpdb->posts.post_author ".$eq.' '.intval($author_array[$i]);
+ $whichauthor .= ' '.$andor." $wpdb->posts.post_author ".$eq.' '.absint($author_array[$i]);
}
$whichauthor .= ')';
}
}
$q['author_name'] = sanitize_title($q['author_name']);
$q['author'] = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_nicename='".$q['author_name']."'");
- $whichauthor .= " AND ($wpdb->posts.post_author = ".intval($q['author']).')';
+ $whichauthor .= " AND ($wpdb->posts.post_author = ".absint($q['author']).')';
}
// MIME-Type stuff for attachment browsing
$where .= ')';
}
+ // postmeta queries
+ if ( ! empty($q['meta_key']) || ! empty($q['meta_value']) )
+ $join .= " LEFT JOIN $wpdb->postmeta ON ($wpdb->posts.ID = $wpdb->postmeta.post_id) ";
+ if ( ! empty($q['meta_key']) )
+ $where .= $wpdb->prepare("AND $wpdb->postmeta.meta_key = %s ", $q['meta_key']);
+ if ( ! empty($q['meta_value']) )
+ $where .= $wpdb->prepare("AND $wpdb->postmeta.meta_value = %s ", $q['meta_value']);
+
// Apply filters on where and join prior to paging so that any
// manipulations to them are reflected in the paging by day queries.
- $where = apply_filters('posts_where', $where);
- $join = apply_filters('posts_join', $join);
+ if ( !$q['suppress_filters'] ) {
+ $where = apply_filters('posts_where', $where);
+ $join = apply_filters('posts_join', $join);
+ }
// Paging
if ( empty($q['nopaging']) && !$this->is_singular ) {
if ( empty($q['offset']) ) {
$pgstrt = '';
- $pgstrt = (intval($page) -1) * $q['posts_per_page'] . ', ';
+ $pgstrt = ($page - 1) * $q['posts_per_page'] . ', ';
$limits = 'LIMIT '.$pgstrt.$q['posts_per_page'];
} else { // we're ignoring $page and using 'offset'
$q['offset'] = absint($q['offset']);
$cgroupby = '';
}
- $cjoin = apply_filters('comment_feed_join', $cjoin);
- $cwhere = apply_filters('comment_feed_where', $cwhere);
- $cgroupby = apply_filters('comment_feed_groupby', $cgroupby);
+ if ( !$q['suppress_filters'] ) {
+ $cjoin = apply_filters('comment_feed_join', $cjoin);
+ $cwhere = apply_filters('comment_feed_where', $cwhere);
+ $cgroupby = apply_filters('comment_feed_groupby', $cgroupby);
+ }
$this->comments = (array) $wpdb->get_results("SELECT $distinct $wpdb->comments.* FROM $wpdb->comments $cjoin $cwhere $cgroupby ORDER BY comment_date_gmt DESC LIMIT " . get_option('posts_per_rss'));
$this->comment_count = count($this->comments);
$where = "AND 0";
}
+ $orderby = $q['orderby'];
+
// Apply post-paging filters on where and join. Only plugins that
// manipulate paging queries should use these hooks.
-
- $where = apply_filters('posts_where_paged', $where);
- $groupby = apply_filters('posts_groupby', $groupby);
- $join = apply_filters('posts_join_paged', $join);
- $orderby = apply_filters('posts_orderby', $q['orderby']);
- $distinct = apply_filters('posts_distinct', $distinct);
- $fields = apply_filters('posts_fields', "$wpdb->posts.*");
- $limits = apply_filters( 'post_limits', $limits );
+ if ( !$q['suppress_filters'] ) {
+ $where = apply_filters('posts_where_paged', $where);
+ $groupby = apply_filters('posts_groupby', $groupby);
+ $join = apply_filters('posts_join_paged', $join);
+ $orderby = apply_filters('posts_orderby', $orderby);
+ $distinct = apply_filters('posts_distinct', $distinct);
+ $fields = apply_filters('posts_fields', $fields);
+ $limits = apply_filters( 'post_limits', $limits );
+ }
// Announce current selection parameters. For use by caching plugins.
do_action( 'posts_selection', $where . $groupby . $orderby . $limits . $join );
// Filter again for the benefit of caching plugins. Regular plugins should use the hooks above.
- $where = apply_filters('posts_where_request', $where);
- $groupby = apply_filters('posts_groupby_request', $groupby);
- $join = apply_filters('posts_join_request', $join);
- $orderby = apply_filters('posts_orderby_request', $orderby);
- $distinct = apply_filters('posts_distinct_request', $distinct);
- $fields = apply_filters('posts_fields_request', $fields);
- $limits = apply_filters( 'post_limits_request', $limits );
+ if ( !$q['suppress_filters'] ) {
+ $where = apply_filters('posts_where_request', $where);
+ $groupby = apply_filters('posts_groupby_request', $groupby);
+ $join = apply_filters('posts_join_request', $join);
+ $orderby = apply_filters('posts_orderby_request', $orderby);
+ $distinct = apply_filters('posts_distinct_request', $distinct);
+ $fields = apply_filters('posts_fields_request', $fields);
+ $limits = apply_filters( 'post_limits_request', $limits );
+ }
if ( ! empty($groupby) )
$groupby = 'GROUP BY ' . $groupby;
if ( !empty($limits) )
$found_rows = 'SQL_CALC_FOUND_ROWS';
- $request = " SELECT $found_rows $distinct $fields FROM $wpdb->posts $join WHERE 1=1 $where $groupby $orderby $limits";
- $this->request = apply_filters('posts_request', $request);
+ $this->request = " SELECT $found_rows $distinct $fields FROM $wpdb->posts $join WHERE 1=1 $where $groupby $orderby $limits";
+ if ( !$q['suppress_filters'] )
+ $this->request = apply_filters('posts_request', $this->request);
$this->posts = $wpdb->get_results($this->request);
// Raw results filter. Prior to status checks.
- $this->posts = apply_filters('posts_results', $this->posts);
+ if ( !$q['suppress_filters'] )
+ $this->posts = apply_filters('posts_results', $this->posts);
if ( !empty($this->posts) && $this->is_comment_feed && $this->is_singular ) {
$cjoin = apply_filters('comment_feed_join', '');
}
}
- $this->posts = apply_filters('the_posts', $this->posts);
+ if ( !$q['suppress_filters'] )
+ $this->posts = apply_filters('the_posts', $this->posts);
update_post_caches($this->posts);
function have_posts() {
if ($this->current_post + 1 < $this->post_count) {
return true;
- } elseif ($this->current_post + 1 == $this->post_count) {
+ } elseif ($this->current_post + 1 == $this->post_count && $this->post_count > 0) {
do_action('loop_end');
// Do some cleaning up after the loop
$this->rewind_posts();
$tax = $this->get('taxonomy');
$slug = $this->get('term');
$term = &get_terms($tax, array('slug'=>$slug));
- if ( is_wp_error($term) )
+ if ( is_wp_error($term) || empty($term) )
return $term;
+ $term = $term[0];
$this->queried_object = $term;
$this->queried_object_id = $term->term_id;
} else if ($this->is_posts_page) {