Changeset 1165150
- Timestamp:
- 05/21/2015 06:04:41 PM (11 years ago)
- Location:
- magic-fields-2/trunk
- Files:
-
- 9 edited
-
admin/mf_ajax_call.php (modified) (1 diff)
-
admin/mf_custom_fields.php (modified) (2 diffs)
-
admin/mf_custom_group.php (modified) (1 diff)
-
admin/mf_custom_taxonomy.php (modified) (2 diffs)
-
admin/mf_post.php (modified) (2 diffs)
-
admin/mf_posttype.php (modified) (1 diff)
-
css/mf_field_base.css (modified) (2 diffs)
-
main.php (modified) (3 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
magic-fields-2/trunk/admin/mf_ajax_call.php
r761841 r1165150 120 120 $cats = preg_split('/\|\|\|/', $data['cats']); 121 121 $cats = maybe_serialize($cats); 122 123 $table = $wpdb->postmeta; 122 124 123 $check_parent ="SELECT meta_id FROM ".$wpdb->postmeta." WHERE meta_key='".$post_type_key."' "; 125 $check_parent = $wpdb->prepare( 126 "SELECT meta_id FROM $wpdb->postmeta ". 127 " WHERE meta_key='%s'", 128 $post_type_key 129 ); 124 130 $query_parent = $wpdb->query($check_parent); 125 131 126 132 if($query_parent){ 127 $sql = "UPDATE ". $wpdb->postmeta . 128 " SET meta_value = '".$cats."' ". 129 " WHERE meta_key = '".$post_type_key."' AND post_id = '0' "; 133 $sql = $wpdb->prepare( 134 "UPDATE $wpdb->postmeta". 135 " SET meta_value = '%s' ". 136 " WHERE meta_key = '%s' AND post_id = '0' ", 137 $cats, 138 $post_type_key 139 ); 140 130 141 }else{ 131 $sql = "INSERT INTO ". $wpdb->postmeta . 132 " (meta_key, meta_value) ". 133 " VALUES ('".$post_type_key."', '".$cats."')"; 142 $sql = $wpdb->prepare( 143 "INSERT INTO $wpdb->postmeta". 144 " (meta_key, meta_value) ". 145 " VALUES ('%s', '%s')", 146 $post_type_key, 147 $cats 148 ); 134 149 } 135 150 $wpdb->query($sql); -
magic-fields-2/trunk/admin/mf_custom_fields.php
r864350 r1165150 286 286 // change the name of field? 287 287 if( $mf['core']['name'] != $field['name'] ){ 288 $query = sprintf(289 "UPDATE %s pm, %s p ".290 " SET pm.field_name = '%s' ".291 " WHERE pm.field_name = '%s' AND p.post_type = '%s' AND pm.post_id = p.id",288 $query = $wpdb->prepare( 289 "UPDATE %s pm, $wpdb->posts p ". 290 " SET pm.field_name = '%s' ". 291 " WHERE pm.field_name = '%s' AND p.post_type = '%s' AND pm.post_id = p.id", 292 292 MF_TABLE_POST_META, 293 $wpdb->posts,294 293 $mf['core']['name'], 295 294 $field['name'], 296 295 $mf['core']['post_type'] 297 ); 296 ); 297 298 298 $wpdb->query($query); 299 299 } … … 602 602 603 603 if( is_int($id) ){ 604 $sql = "DELETE FROM ".MF_TABLE_CUSTOM_FIELDS." WHERE id = ".$id;604 $sql = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_FIELDS." WHERE id = %d",$id ); 605 605 $wpdb->query($sql); 606 606 } -
magic-fields-2/trunk/admin/mf_custom_group.php
r864350 r1165150 49 49 if( is_int($id) ){ 50 50 $group = $this->get_group($id); 51 $sql = sprintf("DELETE FROM %s WHERE id = %s",MF_TABLE_CUSTOM_GROUPS,$id);51 $sql = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_GROUPS." WHERE id = %d",$id ); 52 52 $wpdb->query($sql); 53 53 54 $sql_fields = sprintf("DELETE FROM %s WHERE custom_group_id = %s",MF_TABLE_CUSTOM_FIELDS,$id);54 $sql_fields = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_FIELDS." WHERE custom_group_id = %d",$id ); 55 55 $wpdb->query($sql_fields); 56 56 -
magic-fields-2/trunk/admin/mf_custom_taxonomy.php
r640332 r1165150 108 108 109 109 if( is_int($id) ){ 110 $sql = sprintf( 111 "DELETE FROM " . MF_TABLE_CUSTOM_TAXONOMY . 112 " WHERE id = %d", 113 $id 114 ); 110 $sql = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_TAXONOMY." WHERE id = %d",$id ); 115 111 $wpdb->query($sql); 116 112 $this->mf_redirect(null,null,array('message' => 'success')); … … 547 543 } 548 544 549 public function check_custom_taxonomy($type,$id = NULL){545 public static function check_custom_taxonomy($type,$id = NULL){ 550 546 global $wpdb; 551 547 -
magic-fields-2/trunk/admin/mf_post.php
r958257 r1165150 263 263 264 264 /** Deleting the old values **/ 265 $wpdb->query( "DELETE FROM ". MF_TABLE_POST_META ." WHERE post_id= {$post_id}" ); 265 $sql_delete = $wpdb->prepare( "DELETE FROM ".MF_TABLE_POST_META." WHERE post_id = %s",$post_id ); 266 $wpdb->query($sql_delete); 267 266 268 foreach ( $customfields as $field_name => $field ) { 267 269 delete_post_meta($post_id, $field_name); … … 285 287 $meta_id = $wpdb->insert_id; 286 288 287 $wpdb->query("INSERT INTO ". MF_TABLE_POST_META." ( meta_id, field_name, field_count, group_count, post_id ) ". 288 " VALUES ( {$meta_id}, '{$field_name}' , {$field_count},{$group_count} ,{$post_id} )" 289 $sql_insert = $wpdb->prepare( 290 "INSERT INTO " . MF_TABLE_POST_META . 291 " ( meta_id, field_name, field_count, group_count, post_id ) " . 292 " VALUES " . 293 " (%s,'%s',%s,%s,%s) ", 294 $meta_id, 295 $field_name, 296 $field_count, 297 $group_count, 298 $post_id 289 299 ); 300 301 $wpdb->query($sql_insert); 302 290 303 $field_count++; 291 304 } -
magic-fields-2/trunk/admin/mf_posttype.php
r979682 r1165150 740 740 741 741 if( $post_type ){ 742 $sql = sprintf( 743 "DELETE FROM " . MF_TABLE_POSTTYPES . 744 " WHERE type = '%s'", 745 $post_type 746 ); 742 743 $sql = $wpdb->prepare( "DELETE FROM ".MF_TABLE_POSTTYPES." WHERE type = '%s'",$post_type ); 747 744 $wpdb->query($sql); 748 745 749 746 //delete all groups of post_type 750 $sql_fields = sprintf("DELETE FROM %s WHERE post_type = '%s'",MF_TABLE_CUSTOM_GROUPS,$post_type);747 $sql_fields = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_GROUPS." WHERE post_type = '%s'",$post_type ); 751 748 $wpdb->query($sql_fields); 752 749 753 750 //delete field of post_type 754 $sql_fields = sprintf("DELETE FROM %s WHERE post_type = '%s'",MF_TABLE_CUSTOM_FIELDS,$post_type);751 $sql_fields = $wpdb->prepare( "DELETE FROM ".MF_TABLE_CUSTOM_FIELDS." WHERE post_type = '%s'",$post_type ); 755 752 $wpdb->query($sql_fields); 756 753 -
magic-fields-2/trunk/css/mf_field_base.css
r906980 r1165150 191 191 padding-bottom:2px; 192 192 display: block; 193 margin-right:10px;194 193 } 195 194 .multiline_custom_field{ margin-left: 10px; } … … 225 224 padding:4px 5px 2px; 226 225 } 226 .mf_media_button_div{ 227 margin-left: 10px; 228 } 227 229 228 230 /** -
magic-fields-2/trunk/main.php
r979682 r1165150 4 4 Plugin URI: http://magicfields.org 5 5 Description: Create custom fields for your post types 6 Version: 2.3 6 Version: 2.3.1 7 7 Author: Hunk and Gnuget 8 8 Author URI: http://magicfields.org … … 154 154 */ 155 155 function mf_dispatcher() { 156 157 //is user loged? 158 if ( !is_user_logged_in() ) { 159 die; 160 } 161 162 //same capabilities for the menu 163 if (!current_user_can('activate_plugins') ) { 164 die; 165 } 166 156 167 $section = "mf_dashboard"; 157 168 $action = "main"; … … 165 176 if( !empty( $_GET['mf_action'] ) ) { 166 177 $action = urlencode( $_GET['mf_action'] ); 178 } 179 180 //check only mf_section has prefix mf 181 if ( !(strpos($section, "mf_") === 0) ) { 182 die; 183 } 184 185 //exist class 186 if (!class_exists($section)) { 187 die; 188 } 189 190 if (!method_exists($section,$action)) { 191 die; 167 192 } 168 193 -
magic-fields-2/trunk/readme.txt
r979682 r1165150 2 2 Contributors: hunk, Gnuget 3 3 Tags: cms, post types, fields, taxonomies, custom fields, admin, advanced, edit, magic fields, more fields, Post, repeater, simple fields, text, textarea, type, advanced custom fields, cck, 4 Tested up to: Wordpress 4. 04 Tested up to: Wordpress 4.2.2 5 5 Requires at least: 3.1 6 6 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=edgar%40programador%2ecom&lc=GB&item_name=Donation%20Magic%20Fields¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHostedGuest 7 Stable tag: 2.3 7 Stable tag: 2.3.1 8 8 Description: Magic Fields 2 is a feature rich Wordpress CMS plugin 9 9 … … 26 26 27 27 == Changelog == 28 29 = 2.3.1 = 30 * add verification in dispacher, add wpdb->prepare 31 * add improvements and testing for WP 4.2.2 28 32 29 33 = 2.3 =
Note: See TracChangeset
for help on using the changeset viewer.