WordPress.org
Get WordPress

Plugin Directory

Changeset 2989009


Ignore:
Timestamp:
11/04/2023 06:26:38 PM (2 years ago)
Author:
whiletrue
Message:

release 2.5.17

Location:
most-and-least-read-posts-widget
Files:
5 added
2 deleted
2 edited

Legend:

Unmodified
Added
Removed

  • most-and-least-read-posts-widget/trunk/most_and_least_read_posts.php

    r2733741 r2989009  
    66Author: WhileTrue
    77Text Domain: most-and-least-read-posts-widget
    8 Version: 2.5.16
     8Version: 2.5.17
    99Author URI: http://www.whiletrue.it/
    1010*/
     
    150150    global $wpdb, $table_prefix;
    151151
     152    $sql_options = [];
     153
     154    // FOR PERFORMANCE, ADD EXCERPT FIELDS TO THE QUERY ONLY WHEN THEY ARE NEEDED
     155    $sql_excerpt_fields = "";
     156    if (isset($instance['excerpt_max_chars']) && is_numeric($instance['excerpt_max_chars'])) {
     157        $sql_excerpt_fields = " , p.post_excerpt, p.post_content ";
     158    }
     159
     160    $sql_wpml = '';
     161    if (defined("ICL_LANGUAGE_CODE") and ICL_LANGUAGE_CODE != '') {  // IF WPML IS ACTIVE
     162        $sql_wpml = " JOIN " . $table_prefix . "icl_translations as t on (t.element_id = p.ID and t.language_code = '" . ICL_LANGUAGE_CODE . "') ";
     163    }
     164
     165    // DATE OPTIONS
     166    $sql_max_date = '';
     167    if (isset($instance['date_from']) && $instance['date_from'] != '') {
     168        // IF "date_from" AND/OR "date_to" ARE SET, OVERWRITE THE "days_ago" ATTRIBUTE (format: YYYY-MM-DD)
     169        $min_date = $instance['date_from'];
     170        $sql_options[] = $min_date;
     171        if ($instance['date_to'] != '') {
     172            $sql_max_date = " and p.post_date <= %s ";
     173            $sql_options[] = $instance['date_to'];
     174        }
     175    } else {
     176        // OTHERWHISE, APPLY THE "days_ago" ATTRIBUTE OR USE DEFAULT   
     177        $days_ago = (is_numeric($instance['days_ago'])) ? $instance['days_ago'] : 365;
     178        $min_date = date('Y-m-d', mktime(4, 0, 0, date('m'), date('d') - $days_ago, date('Y')));
     179        $sql_options[] = $min_date;
     180    }
     181
    152182    $sql_esc = '';
    153183    if ($instance['words_excluded'] != '') {
    154184        $excludes = array_filter(explode(',', $instance['words_excluded']));
    155         $sql_esc_arr = array();
     185        $sql_esc_arr = [];
    156186        foreach ($excludes as $val) {
    157187            if (trim($val) == '') {
    158188                continue;
    159189            }
    160             $sql_esc_arr[] = " p.post_title not like '%" . trim($val) . "%' ";
     190            $sql_esc_arr[] = " p.post_title not like %s ";
     191            $sql_options[] = '%' . $wpdb->esc_like(trim($val)) . '%';
    161192        }
    162193        $sql_esc = " and " . implode(" and ", $sql_esc_arr) . " ";
    163194    }
    164195
    165     // DATE OPTIONS
    166     if (isset($instance['date_from']) && $instance['date_from'] != '') {
    167         // IF "date_from" AND/OR "date_to" ARE SET, OVERWRITE THE "days_ago" ATTRIBUTE (format: YYYY-MM-DD)
    168         $min_date = $instance['date_from'];
    169         $sql_max_date = ($instance['date_to'] != '') ? " and p.post_date <= '" . $instance['date_to'] . "' " : "";
    170     } else {
    171         // OTHERWHISE, APPLY THE "days_ago" ATTRIBUTE OR USE DEFAULT   
    172         $days_ago = (is_numeric($instance['days_ago'])) ? $instance['days_ago'] : 365;
    173         $min_date = date('Y-m-d', mktime(4, 0, 0, date('m'), date('d') - $days_ago, date('Y')));
    174         $sql_max_date = '';
    175     }
    176 
    177 
    178     $sql_wpml = '';
    179     if (defined("ICL_LANGUAGE_CODE") and ICL_LANGUAGE_CODE != '') {  // IF WPML IS ACTIVE
    180         $sql_wpml = " JOIN " . $table_prefix . "icl_translations as t on (t.element_id = p.ID and t.language_code = '" . ICL_LANGUAGE_CODE . "') ";
    181     }
    182 
    183     // FOR PERFORMANCE, ADD EXCERPT FIELDS TO THE QUERY ONLY WHEN THEY ARE NEEDED
    184     $sql_excerpt_fields = "";
    185     if (isset($instance['excerpt_max_chars']) && is_numeric($instance['excerpt_max_chars'])) {
    186         $sql_excerpt_fields = " , p.post_excerpt, p.post_content ";
    187     }
    188 
    189     $sql = " select DISTINCT p.ID, p.post_title, m.meta_value " . $sql_excerpt_fields . "
     196    // Posts number parameter, used in LIMIT
     197    $sql_options[] = $instance['posts_number'] ?? 5;
     198
     199    $sql_text = "select DISTINCT p.ID, p.post_title, m.meta_value " . $sql_excerpt_fields . "
    190200        FROM $wpdb->postmeta as m
    191201            LEFT JOIN $wpdb->posts as p on (m.post_id = p.ID)
     
    194204            and p.post_type = 'post'
    195205            and m.meta_key = 'custom_total_hits'
    196             and p.post_date >= '$min_date'
    197       $sql_max_date
     206            and p.post_date >= %s
     207            $sql_max_date
    198208            $sql_esc
    199209        ORDER BY m.meta_value $order
    200         LIMIT 0, " . $instance['posts_number'];
     210        LIMIT 0, %d";
     211
     212    $sql = $wpdb->prepare($sql_text, $sql_options);
    201213
    202214    $output = $wpdb->get_results($sql);

  • most-and-least-read-posts-widget/trunk/readme.txt

    r2954264 r2989009  
    44Tags: popular posts, post, posts, most read, least read, more read, top posts, less read, sidebar, widget, links
    55Requires at least: 2.9+
    6 Tested up to: 6.3
    7 Stable tag: 2.5.16
     6Requires PHP: 7.0
     7Tested up to: 6.4
     8Stable tag: 2.5.17
    89
    910Provide two widgets, showing lists of the most and reast read posts.
     
    3334* a custom CSS style
    3435
    35 If you want to show the post hits anywhere inside the template loop, you can the php function provided, e.g.:
    36 `<?php echo most_and_least_read_posts_get_hits(get_the_ID()); ?>`
     36If you want to show the post hits anywhere inside the template loop, you can the PHP function provided, e.g.:
     37
     38`echo most_and_least_read_posts_get_hits(get_the_ID());`
    3739
    3840= Shortcode =
    3941
    4042Also, [most_read_posts] a shortcode is available. Use it like this:
     43
    4144`[most_read_posts type="most" posts_number="5" show_thumbs="false" date_from="2016-01-01" date_to="2016-04-30"]`
    4245
     
    9497== Changelog ==
    9598
    96 = 2.5.16 =
    97 * Plugin tested up WordPress 6.1
     99= 2.5.17 =
     100* Plugin tested up WordPress 6.4
     101* Fixed: SQL injection
    98102
    99103= 2.5.5 =
    100 * Added: New "add line break before thumb" option
    101 * Added: New "Limit post titles to X chars" option
    102 * Added: New "Show post excerpts" option
     104* Added: New "Add line break before thumb", "Limit post titles to X chars" and "Show post excerpts" options
    103105* Added: internationalization
    104106* Added: [most_read_posts] shortcode
    105 * Added: shortcode "days_ago" attribute
    106 * Added: shortcode "date_from" and "date_to" attributes
    107 * Changed: web spiders update
    108 * Changed: Avangate ads removal
    109 
    110 = 2.1.7 =
    111107* Added: Use the comma "," for thousands digits
    112108* Added: Append a custom text (e.g. the word "views") next to total hits
    113109* Added: WhileTrue RSS Feed
    114 * Changed: Code cleaning
     110* Changed: web spiders update
     111* Changed: Avangate ads removal
    115112* Changed: Skip updating hits if user is admin
    116113
Note: See TracChangeset for help on using the changeset viewer.