X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/0461a5f2e55c8d5f1fde96ca2e83117152573c7d..9e77185fafaf4e60e2b73821e0e4b9b1a11fb85f:/wp-includes/meta.php diff --git a/wp-includes/meta.php b/wp-includes/meta.php index 0f3aaa97..e3c43cff 100644 --- a/wp-includes/meta.php +++ b/wp-includes/meta.php @@ -27,16 +27,21 @@ * @return int|bool The meta ID on success, false on failure. */ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique = false) { - if ( !$meta_type || !$meta_key ) - return false; + global $wpdb; - if ( !$object_id = absint($object_id) ) + if ( ! $meta_type || ! $meta_key || ! is_numeric( $object_id ) ) { return false; + } - if ( ! $table = _get_meta_table($meta_type) ) + $object_id = absint( $object_id ); + if ( ! $object_id ) { return false; + } - global $wpdb; + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { + return false; + } $column = sanitize_key($meta_type . '_id'); @@ -134,16 +139,21 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique = * @return int|bool Meta ID if the key didn't exist, true on successful update, false on failure. */ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_value = '') { - if ( !$meta_type || !$meta_key ) - return false; + global $wpdb; - if ( !$object_id = absint($object_id) ) + if ( ! $meta_type || ! $meta_key || ! is_numeric( $object_id ) ) { return false; + } - if ( ! $table = _get_meta_table($meta_type) ) + $object_id = absint( $object_id ); + if ( ! $object_id ) { return false; + } - global $wpdb; + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { + return false; + } $column = sanitize_key($meta_type . '_id'); $id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id'; @@ -281,16 +291,21 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v * @return bool True on successful delete, false on failure. */ function delete_metadata($meta_type, $object_id, $meta_key, $meta_value = '', $delete_all = false) { - if ( !$meta_type || !$meta_key ) - return false; + global $wpdb; - if ( (!$object_id = absint($object_id)) && !$delete_all ) + if ( ! $meta_type || ! $meta_key || ! is_numeric( $object_id ) && ! $delete_all ) { return false; + } - if ( ! $table = _get_meta_table($meta_type) ) + $object_id = absint( $object_id ); + if ( ! $object_id && ! $delete_all ) { return false; + } - global $wpdb; + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { + return false; + } $type_column = sanitize_key($meta_type . '_id'); $id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id'; @@ -423,11 +438,14 @@ function delete_metadata($meta_type, $object_id, $meta_key, $meta_value = '', $d * @return string|array Single metadata value, or array of values */ function get_metadata($meta_type, $object_id, $meta_key = '', $single = false) { - if ( !$meta_type ) + if ( ! $meta_type || ! is_numeric( $object_id ) ) { return false; + } - if ( !$object_id = absint($object_id) ) + $object_id = absint( $object_id ); + if ( ! $object_id ) { return false; + } /** * Filter whether to retrieve metadata of a specific type. @@ -487,11 +505,14 @@ function get_metadata($meta_type, $object_id, $meta_key = '', $single = false) { * @return boolean true of the key is set, false if not. */ function metadata_exists( $meta_type, $object_id, $meta_key ) { - if ( ! $meta_type ) + if ( ! $meta_type || ! is_numeric( $object_id ) ) { return false; + } - if ( ! $object_id = absint( $object_id ) ) + $object_id = absint( $object_id ); + if ( ! $object_id ) { return false; + } /** This filter is documented in wp-includes/meta.php */ $check = apply_filters( "get_{$meta_type}_metadata", null, $object_id, $meta_key, true ); @@ -523,14 +544,19 @@ function metadata_exists( $meta_type, $object_id, $meta_key ) { function get_metadata_by_mid( $meta_type, $meta_id ) { global $wpdb; - if ( ! $meta_type ) + if ( ! $meta_type || ! is_numeric( $meta_id ) ) { return false; + } - if ( !$meta_id = absint( $meta_id ) ) + $meta_id = absint( $meta_id ); + if ( ! $meta_id ) { return false; + } - if ( ! $table = _get_meta_table($meta_type) ) + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { return false; + } $id_column = ( 'user' == $meta_type ) ? 'umeta_id' : 'meta_id'; @@ -563,14 +589,19 @@ function update_metadata_by_mid( $meta_type, $meta_id, $meta_value, $meta_key = global $wpdb; // Make sure everything is valid. - if ( ! $meta_type ) + if ( ! $meta_type || ! is_numeric( $meta_id ) ) { return false; + } - if ( ! $meta_id = absint( $meta_id ) ) + $meta_id = absint( $meta_id ); + if ( ! $meta_id ) { return false; + } - if ( ! $table = _get_meta_table( $meta_type ) ) + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { return false; + } $column = sanitize_key($meta_type . '_id'); $id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id'; @@ -578,7 +609,6 @@ function update_metadata_by_mid( $meta_type, $meta_id, $meta_value, $meta_key = // Fetch the meta and go on if it's found. if ( $meta = get_metadata_by_mid( $meta_type, $meta_id ) ) { $original_key = $meta->meta_key; - $original_value = $meta->meta_value; $object_id = $meta->{$column}; // If a new meta_key (last parameter) was specified, change the meta key, @@ -651,14 +681,19 @@ function delete_metadata_by_mid( $meta_type, $meta_id ) { global $wpdb; // Make sure everything is valid. - if ( ! $meta_type ) + if ( ! $meta_type || ! is_numeric( $meta_id ) ) { return false; + } - if ( ! $meta_id = absint( $meta_id ) ) + $meta_id = absint( $meta_id ); + if ( ! $meta_id ) { return false; + } - if ( ! $table = _get_meta_table( $meta_type ) ) + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { return false; + } // object and id columns $column = sanitize_key($meta_type . '_id'); @@ -729,16 +764,19 @@ function delete_metadata_by_mid( $meta_type, $meta_id ) { * @return mixed Metadata cache for the specified objects, or false on failure. */ function update_meta_cache($meta_type, $object_ids) { - if ( empty( $meta_type ) || empty( $object_ids ) ) + global $wpdb; + + if ( ! $meta_type || ! $object_ids ) { return false; + } - if ( ! $table = _get_meta_table($meta_type) ) + $table = _get_meta_table( $meta_type ); + if ( ! $table ) { return false; + } $column = sanitize_key($meta_type . '_id'); - global $wpdb; - if ( !is_array($object_ids) ) { $object_ids = preg_replace('|[^0-9,]|', '', $object_ids); $object_ids = explode(',', $object_ids); @@ -848,7 +886,7 @@ class WP_Meta_Query { * * @param array $meta_query (optional) A meta query */ - function __construct( $meta_query = false ) { + public function __construct( $meta_query = false ) { if ( !$meta_query ) return; @@ -876,7 +914,7 @@ class WP_Meta_Query { * * @param array $qv The query variables */ - function parse_query_vars( $qv ) { + public function parse_query_vars( $qv ) { $meta_query = array(); // Simple query needs to be first for orderby=meta_value to work correctly @@ -904,7 +942,7 @@ class WP_Meta_Query { * @param string $type MySQL type to cast meta_value * @return string MySQL type */ - function get_cast_for_type( $type = '' ) { + public function get_cast_for_type( $type = '' ) { if ( empty( $type ) ) return 'CHAR'; @@ -931,7 +969,7 @@ class WP_Meta_Query { * @param object $context (optional) The main query object * @return array( 'join' => $join_sql, 'where' => $where_sql ) */ - function get_sql( $type, $primary_table, $primary_id_column, $context = null ) { + public function get_sql( $type, $primary_table, $primary_id_column, $context = null ) { global $wpdb; if ( ! $meta_table = _get_meta_table( $type ) ) @@ -1041,8 +1079,8 @@ class WP_Meta_Query { } elseif ( 'BETWEEN' == substr( $meta_compare, -7) ) { $meta_value = array_slice( $meta_value, 0, 2 ); $meta_compare_string = '%s AND %s'; - } elseif ( 'LIKE' == substr( $meta_compare, -4 ) ) { - $meta_value = '%' . like_escape( $meta_value ) . '%'; + } elseif ( 'LIKE' == $meta_compare || 'NOT LIKE' == $meta_compare ) { + $meta_value = '%' . $wpdb->esc_like( $meta_value ) . '%'; $meta_compare_string = '%s'; } else { $meta_compare_string = '%s';