Changeset 6715

Timestamp:

09/26/2017 07:11:40 PM (9 years ago)

Author:

johnjamesjacoby

Message:

Tools: Remove quotes from prepared query statements.

Also use the same esc_like() result in 2 matched queries.

Props jrf. Fixes #3168.

Location:

trunk/src/includes/admin

Files:

• classes/class-bbp-converter-base.php (modified) (1 diff)
• tools/repair.php (modified) (1 diff)

trunk/src/includes/admin/classes/class-bbp-converter-base.php

@@ -841 +841 @@
         /** Delete topics/forums/posts ****************************************/
 
-        $query = ! empty( $this->sync_table )
-            ? $this->wpdb->prepare( "SELECT value_id FROM {$this->sync_table_name} INNER JOIN {$this->wpdb->posts} ON(value_id = ID) WHERE meta_key LIKE '_bbp_%' AND value_type = %s GROUP BY value_id ORDER BY value_id DESC LIMIT {$this->max_rows}", 'post' )
-            : $this->wpdb->prepare( "SELECT post_id AS value_id FROM {$this->wpdb->postmeta} WHERE meta_key LIKE %s GROUP BY post_id ORDER BY post_id DESC LIMIT {$this->max_rows}", $this->wpdb->esc_like( '_bbp_' ) . '%' );
+        $esc_like = $this->wpdb->esc_like( '_bbp_' ) . '%';
+        $query    = ! empty( $this->sync_table )
+            ? $this->wpdb->prepare( "SELECT value_id FROM {$this->sync_table_name} INNER JOIN {$this->wpdb->posts} ON(value_id = ID) WHERE meta_key LIKE %s AND value_type = %s GROUP BY value_id ORDER BY value_id DESC LIMIT {$this->max_rows}", $esc_like, 'post' )
+            : $this->wpdb->prepare( "SELECT post_id AS value_id FROM {$this->wpdb->postmeta} WHERE meta_key LIKE %s GROUP BY post_id ORDER BY post_id DESC LIMIT {$this->max_rows}", $esc_like );
 
         $posts = $this->get_results( $query, ARRAY_A );

trunk/src/includes/admin/tools/repair.php

@@ -1014 +1014 @@
     $bbp_db        = bbp_db();
     $statement     = esc_html__( 'Repairing closed topics… %s', 'bbpress' );
-    $result        = esc_html__( 'No closed topics to repair.', 'bbpress' );
+    $result        = esc_html__( 'No closed topics to repair.',        'bbpress' );
     $changed       = 0;
 
     // Results
-    $query         = "SELECT ID FROM `{$bbp_db->posts}` WHERE `post_type` = '%s' AND `post_status` = 'closed'";
-    $prepare       = $bbp_db->prepare( $query, bbp_get_topic_post_type() );
+    $query         = "SELECT ID FROM `{$bbp_db->posts}` WHERE `post_type` = %s AND `post_status` = %s";
+    $prepare       = $bbp_db->prepare( $query, bbp_get_topic_post_type(), bbp_get_closed_status_id() );
     $closed_topics = $bbp_db->get_col( $prepare );