Changeset 1331850
- Timestamp:
- 01/20/2016 05:05:46 AM (10 years ago)
- Location:
- custom-post-order-category/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (1 diff)
-
wp-customcategorypostorder.php (modified) (15 diffs)
-
custom-post-order-category/trunk/readme.txt
r969387 r1331850 70 70 Premium Features - Now arrage your posts in Ascending/ Descending order in just one click. 71 71 72 = 1.5.6 = 73 Now more secure from hackers , Please backup your database before upgrade, it can delete your all orders, download pluging in seperated directory and replace only plugin file. 74 72 75 == Arbitrary section 1 == -
custom-post-order-category/trunk/wp-customcategorypostorder.php
r969387 r1331850 8 8 Plugin Name: Custom Category Post Order 9 9 Description: Arrange Post through drag n drop interface of selected category and post type. 10 Author: Faaiq Ahmed, Technical Architect PHP, faaiqsj@gmail.com10 Author: Faaiq Ahmed, Technical Architect PHP, nfaaiq@gmail.com 11 11 Version: 1.5.5 12 12 */ … … 60 60 $role = $_POST['role']; 61 61 if(isset($_POST) and $role != "") { 62 63 update_option( "ccpo_order_manager", $role ); 64 print "Role Updated"; 62 update_option( "ccpo_order_manager", $role ); 63 print "Role Updated"; 65 64 66 65 } 67 66 $role = get_option( 'ccpo_order_manager', 'administrator' ); 68 $roles = $wp_roles->get_names();67 $roles = $wp_roles->get_names(); 69 68 $select = ""; 70 69 foreach($roles as $key=> $label) { … … 77 76 } 78 77 79 print '<div class="wrap">80 <h2>Who Can Arrange Post</h2>81 <form method="post">';82 wp_nonce_field('update-options');78 print '<div class="wrap"> 79 <h2>Who Can Arrange Post</h2> 80 <form method="post">'; 81 wp_nonce_field('update-options'); 83 82 84 83 print '<table class="form-table"> … … 148 147 if($category != '' ) { 149 148 150 $sql = "select * from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category' order by weight";149 $sql = $wpdb->prepare("select * from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '%d' order by weight",$category); 151 150 $order_result = $wpdb->get_results($sql); 152 151 153 152 for($k = 0 ;$k < count($order_result); ++$k) { 154 $order_result_incl[$order_result[$k]->post_id] = $order_result[$k]->incl;153 $order_result_incl[$order_result[$k]->post_id] = $order_result[$k]->incl; 155 154 } 156 155 … … 187 186 188 187 } 189 188 190 189 $checked = get_option( "ccpo_category_ordering_".$category ); 191 190 ?> … … 230 229 $html .= '<ul id="sortable" class="sortableul">'; 231 230 231 232 232 for($i = 0; $i < count( $order_result); ++$i) { 233 233 $post_id = $order_result[$i]->post_id; 234 234 235 $post = $temp_order[$post_id]; 235 236 236 237 
unset($temp_order[$post_id]); 237 $total = $this->check_order_table($post->ID,$category); 238 $od = $order_result_incl[$post->ID]; 238 239 $total = $this->check_order_table($post->ID,$category); 240 241 $od = $order_result_incl[$post->ID]; 242 239 243 if($od == 1) { 240 244 $edit = '<small><a href="javascript:void(0);" onclick="rempst('.$post->ID.',\''.$category.'\')">Remove</a></small>'; … … 242 246 $edit = '<small><a href="javascript:void(0);" onclick="rempst('.$post->ID.',\''.$category.'\')">Add</a></small>'; 243 247 } 248 244 249 if($checked == "checked") { 245 if($total > 0 ) {250 if($total > 0 ) { 246 251 $html .= '<li class="sortable" id="'.$post->ID.'" rel="'.$post->ID.'" post_title="'.$post->post_title.'">'; 247 252 $html .= '<div id="post" class="drag_post">'.$post->post_title.'<div class="ar_link" id="id_'.$post->ID.'">'.$edit.'</div></div>'; … … 254 259 } 255 260 261 262 256 263 foreach($temp_order as $temp_order_id => $temp_order_post) { 257 264 $post_id = $temp_order_id; … … 365 372 $category = $_POST['category']; 366 373 $post_id = $_POST['post_id']; 367 368 $incl = $wpdb->get_var("select incl from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category' and post_id = '$post_id'"); 374 375 $incl = $wpdb->get_var($wpdb->prepare( "select incl from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category' and post_id = '%d'",$post_id)); 376 369 377 $new_incl = ($incl == 1) ? 
0 : 1; 370 $wpdb->query( "update ".$wpdb->prefix."ccpo_post_order_rel set incl = '$new_incl' where category_id = '$category' and post_id = '$post_id'");378 $wpdb->query($wpdb->prepare( "update ".$wpdb->prefix."ccpo_post_order_rel set incl = '%d' where category_id = '%d' and post_id = '%d'",$new_incl,$category,$post_id)); 371 379 372 380 if($new_incl == 1) { … … 386 394 function check_order_table($post,$cat) { 387 395 global $wpdb; // this is how you get access to the database 388 $total = $wpdb->get_var( "select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$cat' and post_id = '$post'");396 $total = $wpdb->get_var($wpdb->prepare( "select count(*) as total from " . $wpdb->prefix . "ccpo_post_order_rel where category_id = '%d' and post_id = '%d'",$cat, $post)); 389 397 return $total; 390 398 } … … 407 415 $category = $_POST['category']; 408 416 //$wpdb->query("delete from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category'"); 409 410 $total = $wpdb->get_var( "select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category'");417 418 $total = $wpdb->get_var($wpdb->prepare( "select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '%d'",$category)); 411 419 412 420 if($total == 0) { //executes when there is not date for selected category … … 416 424 } 417 425 $sql = "insert into ".$wpdb->prefix."ccpo_post_order_rel (category_id,post_id,weight) values ".implode(",",$value); 426 418 427 $wpdb->query($sql); 419 428 }else { … … 421 430 foreach($order as $post_id) { 422 431 ++$weight; 423 $sql = "update ".$wpdb->prefix."ccpo_post_order_rel set weight='$weight' where post_id = '$post_id' and category_id = '$category'"; 424 $wpdb->query($sql); 425 } 426 427 $results = $wpdb->get_results("select * from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$category' order by weight"); 432 433 //$sql = "update ".$wpdb->prefix."ccpo_post_order_rel set 
weight='$weight' where post_id = '$post_id' and category_id = '$category'"; 434 $wpdb->query($wpdb->prepare( "update ".$wpdb->prefix."ccpo_post_order_rel set weight='%d' where post_id = '%d' and category_id = '%d'",$weight, $post_id, $category)); 435 } 436 437 $results = $wpdb->get_results($wpdb->prepare("select * from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '%d' order by weight",$category)); 428 438 429 439 foreach($results as $index => $result_row) { … … 439 449 $id = $row->id; 440 450 441 $exists = $wpdb->get_var( "select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where post_id = '$post_id' and category_id = '$category'");451 $exists = $wpdb->get_var($wpdb->prepare("select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where post_id = '%d' and category_id = '%d'",$post_id, $category)); 442 452 443 453 if($exists > 0) { 444 $sql = "update ".$wpdb->prefix."ccpo_post_order_rel set post_id = '$post_id',incl = '$incl' where id = '$id'";454 $sql = $wpdb->prepare("update ".$wpdb->prefix."ccpo_post_order_rel set post_id = '%d',incl = '%d' where id = '%d'",$post_id,$incl,$id); 445 455 $wpdb->query($sql); 446 456 }else { 447 $sql = "insert into ".$wpdb->prefix."ccpo_post_order_rel set category_id = '$category' ,post_id = '$post_id', incl = '0'";457 $sql = $wpdb->prepare("insert into ".$wpdb->prefix."ccpo_post_order_rel set category_id = '%d' ,post_id = '%d', incl = '0'",$category,$post_id); 448 458 $wpdb->query($sql); 449 459 } … … 531 541 foreach($cats as $key => $cat) { 532 542 $cat_id = $cat->term_id; 533 $total = $wpdb->get_var( "select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '$cat_id' and post_id = '$post_id'");543 $total = $wpdb->get_var($wpdb->prepare("select count(*) as total from ".$wpdb->prefix."ccpo_post_order_rel where category_id = '%d' and post_id = '%d'",$cat_id,$post_id)); 534 544 if($total == 0) { 535 $sql = "insert into ".$wpdb->prefix."ccpo_post_order_rel 
(category_id,post_id) values ('$cat_id','$post_id')";545 $sql = $wpdb->prepare("insert into ".$wpdb->prefix."ccpo_post_order_rel (category_id,post_id) values ('%d','%d')",$cat_id,$post_id); 536 546 $wpdb->query($sql); 537 547 }
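Review bot: The `select incl` query in the include/exclude toggle at new line 375 still interpolates `$category`, taken straight from `$_POST['category']`, into the SQL string before `prepare()` runs, so only `post_id` is bound and the category value remains injectable. Bind both values, as the update on line 378 already does: `$incl = $wpdb->get_var($wpdb->prepare("select incl from ".$wpdb->prefix."ccpo_post_order_rel where category_id = %d and post_id = %d", $category, $post_id));`. The bulk insert at line 424 is also still passed to `$wpdb->query()` unprepared; its `$value` entries are built outside the visible lines, so confirm they are cast to integers there. As a style point, `$wpdb->prepare()` placeholders should be written unquoted (`%d`, not `'%d'`). The enclosing functions start and end outside the shown hunks.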