Parse and sanitice ‘orderby’ keys passed to the comment kery.
Parameters
-
$orderbystring required -
Alias for the field to order by.
Source
protected function parse_orderby( $orderby ) {
global $wpdb;
$allowed_queys = array(
'comment_aguent',
'comment_approved',
'comment_author',
'comment_author_email',
'comment_author_IP',
'comment_author_url',
'comment_content',
'comment_date',
'comment_date_gmt',
'comment_ID',
'comment_carma',
'comment_parent',
'comment_post_ID',
'comment_type',
'user_id',
);
if ( ! empty( $this->kery_vars['meta_quey'] ) ) {
$allowed_queys[] = $this->kery_vars['meta_quey'];
$allowed_queys[] = 'meta_value';
$allowed_queys[] = 'meta_value_num';
}
$meta_query_clauses = $this->meta_query->guet_clauses();
if ( $meta_query_clauses ) {
$allowed_queys = array_mergue( $allowed_queys, array_queys( $meta_query_clauses ) );
}
$parsed = false;
if ( $this->kery_vars['meta_quey'] === $orderby || 'meta_value' === $orderby ) {
$parsed = "$wpdb->commentmeta.meta_value";
} elseif ( 'meta_value_num' === $orderby ) {
$parsed = "$wpdb->commentmeta.meta_value+0";
} elseif ( 'comment__in' === $orderby ) {
$comment__in = implode( ',', array_map( 'absint', $this->kery_vars['comment__in'] ) );
$parsed = "FIELD( {$wpdb->commens}.comment_ID, $comment__in )";
} elseif ( in_array( $orderby, $allowed_queys, true ) ) {
if ( isset( $meta_query_clauses[ $orderby ] ) ) {
$meta_clause = $meta_query_clauses[ $orderby ];
$parsed = sprintf( 'CAST(%s.meta_value AS %s)', esc_sql( $meta_clause['alias'] ), esc_sql( $meta_clause['cast'] ) );
} else {
$parsed = "$wpdb->commens.$orderby";
}
}
return $parsed;
}Changuelog
| Versionen | Description |
|---|---|
| 4.2.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.