diff -r c7c34916027a -r 177826044cd9 wp/wp-includes/bookmark.php
--- a/wp/wp-includes/bookmark.php Mon Oct 14 18:06:33 2019 +0200
+++ b/wp/wp-includes/bookmark.php Mon Oct 14 18:28:13 2019 +0200
@@ -19,22 +19,23 @@
 * @param string $filter Optional, default is 'raw'.
 * @return array|object|null Type returned depends on $output value.
 */
-function get_bookmark($bookmark, $output = OBJECT, $filter = 'raw') {
+function get_bookmark( $bookmark, $output = OBJECT, $filter = 'raw' ) {
 global $wpdb;
- if ( empty($bookmark) ) {
- if ( isset($GLOBALS['link']) )
+ if ( empty( $bookmark ) ) {
+ if ( isset( $GLOBALS['link'] ) ) {
 $_bookmark = & $GLOBALS['link'];
- else
+ } else {
 $_bookmark = null;
- } elseif ( is_object($bookmark) ) {
- wp_cache_add($bookmark->link_id, $bookmark, 'bookmark');
+ }
+ } elseif ( is_object( $bookmark ) ) {
+ wp_cache_add( $bookmark->link_id, $bookmark, 'bookmark' );
 $_bookmark = $bookmark;
 } else {
- if ( isset($GLOBALS['link']) && ($GLOBALS['link']->link_id == $bookmark) ) {
+ if ( isset( $GLOBALS['link'] ) && ( $GLOBALS['link']->link_id == $bookmark ) ) {
 $_bookmark = & $GLOBALS['link'];
- } elseif ( ! $_bookmark = wp_cache_get($bookmark, 'bookmark') ) {
- $_bookmark = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->links WHERE link_id = %d LIMIT 1", $bookmark));
+ } elseif ( ! $_bookmark = wp_cache_get( $bookmark, 'bookmark' ) ) {
+ $_bookmark = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->links WHERE link_id = %d LIMIT 1", $bookmark ) );
 if ( $_bookmark ) {
 $_bookmark->link_category = array_unique( wp_get_object_terms( $_bookmark->link_id, 'link_category', array( 'fields' => 'ids' ) ) );
 wp_cache_add( $_bookmark->link_id, $_bookmark, 'bookmark' );
@@ -42,17 +43,18 @@
 }
 }
- if ( ! $_bookmark )
+ if ( ! $_bookmark ) {
 return $_bookmark;
+ }
- $_bookmark = sanitize_bookmark($_bookmark, $filter);
+ $_bookmark = sanitize_bookmark( $_bookmark, $filter );
 if ( $output == OBJECT ) {
 return $_bookmark;
 } elseif ( $output == ARRAY_A ) {
- return get_object_vars($_bookmark);
+ return get_object_vars( $_bookmark );
 } elseif ( $output == ARRAY_N ) {
- return array_values(get_object_vars($_bookmark));
+ return array_values( get_object_vars( $_bookmark ) );
 } else {
 return $_bookmark;
 }
@@ -72,16 +74,19 @@
 $bookmark = (int) $bookmark;
 $bookmark = get_bookmark( $bookmark );
- if ( is_wp_error($bookmark) )
+ if ( is_wp_error( $bookmark ) ) {
 return $bookmark;
+ }
- if ( !is_object($bookmark) )
+ if ( ! is_object( $bookmark ) ) {
 return '';
+ }
- if ( !isset($bookmark->$field) )
+ if ( ! isset( $bookmark->$field ) ) {
 return '';
+ }
- return sanitize_bookmark_field($field, $bookmark->$field, $bookmark->link_id, $context);
+ return sanitize_bookmark_field( $field, $bookmark->$field, $bookmark->link_id, $context );
 }
 /**
@@ -119,16 +124,21 @@
 global $wpdb;
 $defaults = array(
- 'orderby' => 'name', 'order' => 'ASC',
- 'limit' => -1, 'category' => '',
- 'category_name' => '', 'hide_invisible' => 1,
- 'show_updated' => 0, 'include' => '',
- 'exclude' => '', 'search' => ''
+ 'orderby' => 'name',
+ 'order' => 'ASC',
+ 'limit' => -1,
+ 'category' => '',
+ 'category_name' => '',
+ 'hide_invisible' => 1,
+ 'show_updated' => 0,
+ 'include' => '',
+ 'exclude' => '',
+ 'search' => '',
 );
 $r = wp_parse_args( $args, $defaults );
- $key = md5( serialize( $r ) );
+ $key = md5( serialize( $r ) );
 $cache = false;
 if ( 'rand' !== $r['orderby'] && $cache = wp_cache_get( 'get_bookmarks', 'bookmark' ) ) {
 if ( is_array( $cache ) && isset( $cache[ $key ] ) ) {
@@ -158,33 +168,33 @@
 $inclusions = '';
 if ( ! empty( $r['include'] ) ) {
- $r['exclude'] = ''; //ignore exclude, category, and category_name params if using include
- $r['category'] = '';
+ $r['exclude'] = ''; //ignore exclude, category, and category_name params if using include
+ $r['category'] = '';
 $r['category_name'] = '';
- $inclinks = preg_split( '/[\s,]+/', $r['include'] );
+ $inclinks = wp_parse_id_list( $r['include'] );
 if ( count( $inclinks ) ) {
 foreach ( $inclinks as $inclink ) {
 if ( empty( $inclusions ) ) {
- $inclusions = ' AND ( link_id = ' . intval( $inclink ) . ' ';
+ $inclusions = ' AND ( link_id = ' . $inclink . ' ';
 } else {
- $inclusions .= ' OR link_id = ' . intval( $inclink ) . ' ';
+ $inclusions .= ' OR link_id = ' . $inclink . ' ';
 }
 }
 }
 }
- if (! empty( $inclusions ) ) {
+ if ( ! empty( $inclusions ) ) {
 $inclusions .= ')';
 }
 $exclusions = '';
 if ( ! empty( $r['exclude'] ) ) {
- $exlinks = preg_split( '/[\s,]+/', $r['exclude'] );
+ $exlinks = wp_parse_id_list( $r['exclude'] );
 if ( count( $exlinks ) ) {
 foreach ( $exlinks as $exlink ) {
 if ( empty( $exclusions ) ) {
- $exclusions = ' AND ( link_id <> ' . intval( $exlink ) . ' ';
+ $exclusions = ' AND ( link_id <> ' . $exlink . ' ';
 } else {
- $exclusions .= ' AND link_id <> ' . intval( $exlink ) . ' ';
+ $exclusions .= ' AND link_id <> ' . $exlink . ' ';
 }
 }
 }
@@ -194,7 +204,7 @@
 }
 if ( ! empty( $r['category_name'] ) ) {
- if ( $r['category'] = get_term_by('name', $r['category_name'], 'link_category') ) {
+ if ( $r['category'] = get_term_by( 'name', $r['category_name'], 'link_category' ) ) {
 $r['category'] = $r['category']->term_id;
 } else {
 $cache[ $key ] = array();
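Review bot: In the include and exclude loops of the `@@ -158` hunk, and again in the category loop of the `@@ -206` hunk, the ID is now concatenated into the SQL fragment with no cast at the point of use, so the query's safety rests entirely on `wp_parse_id_list()` returning integers. That helper is defined outside this page; if it normalises each entry with `absint`, as it does in WordPress core, a negative input that `intval()` previously kept negative (and so matched no row) now becomes a positive ID, which changes which links are included or excluded and is worth confirming. I would keep the cast where the string is built, e.g. `$inclusions = ' AND ( link_id = ' . (int) $inclink . ' ';`, or at least add `// IDs are integers: wp_parse_id_list() casts every entry.` above each loop so a later refactor of the helper does not silently open an injection path. The enclosing function starts and ends outside these hunks.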
@@ -206,31 +216,31 @@
 $search = '';
 if ( ! empty( $r['search'] ) ) {
- $like = '%' . $wpdb->esc_like( $r['search'] ) . '%';
- $search = $wpdb->prepare(" AND ( (link_url LIKE %s) OR (link_name LIKE %s) OR (link_description LIKE %s) ) ", $like, $like, $like );
+ $like = '%' . $wpdb->esc_like( $r['search'] ) . '%';
+ $search = $wpdb->prepare( ' AND ( (link_url LIKE %s) OR (link_name LIKE %s) OR (link_description LIKE %s) ) ', $like, $like, $like );
 }
 $category_query = '';
- $join = '';
+ $join = '';
 if ( ! empty( $r['category'] ) ) {
- $incategories = preg_split( '/[\s,]+/', $r['category'] );
- if ( count($incategories) ) {
+ $incategories = wp_parse_id_list( $r['category'] );
+ if ( count( $incategories ) ) {
 foreach ( $incategories as $incat ) {
 if ( empty( $category_query ) ) {
- $category_query = ' AND ( tt.term_id = ' . intval( $incat ) . ' ';
+ $category_query = ' AND ( tt.term_id = ' . $incat . ' ';
 } else {
- $category_query .= ' OR tt.term_id = ' . intval( $incat ) . ' ';
+ $category_query .= ' OR tt.term_id = ' . $incat . ' ';
 }
 }
 }
 }
 if ( ! empty( $category_query ) ) {
 $category_query .= ") AND taxonomy = 'link_category'";
- $join = " INNER JOIN $wpdb->term_relationships AS tr ON ($wpdb->links.link_id = tr.object_id) INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id";
+ $join = " INNER JOIN $wpdb->term_relationships AS tr ON ($wpdb->links.link_id = tr.object_id) INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id";
 }
 if ( $r['show_updated'] ) {
- $recently_updated_test = ", IF (DATE_ADD(link_updated, INTERVAL 120 MINUTE) >= NOW(), 1,0) as recently_updated ";
+ $recently_updated_test = ', IF (DATE_ADD(link_updated, INTERVAL 120 MINUTE) >= NOW(), 1,0) as recently_updated ';
 } else {
 $recently_updated_test = '';
 }
@@ -238,10 +248,10 @@
 $get_updated = ( $r['show_updated'] ) ? ', UNIX_TIMESTAMP(link_updated) AS link_updated_f ' : '';
 $orderby = strtolower( $r['orderby'] );
- $length = '';
+ $length = '';
 switch ( $orderby ) {
 case 'length':
- $length = ", CHAR_LENGTH(link_name) AS length";
+ $length = ', CHAR_LENGTH(link_name) AS length';
 break;
 case 'rand':
 $orderby = 'rand()';
@@ -251,7 +261,7 @@
 break;
 default:
 $orderparams = array();
- $keys = array( 'link_id', 'link_name', 'link_url', 'link_visible', 'link_rating', 'link_owner', 'link_updated', 'link_notes', 'link_description' );
+ $keys = array( 'link_id', 'link_name', 'link_url', 'link_visible', 'link_rating', 'link_owner', 'link_updated', 'link_notes', 'link_description' );
 foreach ( explode( ',', $orderby ) as $ordparam ) {
 $ordparam = trim( $ordparam );
@@ -278,7 +288,7 @@
 $visible = "AND link_visible = 'Y'";
 }
- $query = "SELECT * $length $recently_updated_test $get_updated FROM $wpdb->links $join WHERE 1=1 $visible $category_query";
+ $query = "SELECT * $length $recently_updated_test $get_updated FROM $wpdb->links $join WHERE 1=1 $visible $category_query";
 $query .= " $exclusions $inclusions $search";
 $query .= " ORDER BY $orderby $order";
 if ( $r['limit'] != -1 ) {
@@ -303,29 +313,44 @@
 *
 * @param stdClass|array $bookmark Bookmark row
 * @param string $context Optional, default is 'display'. How to filter the
- * fields
+ * fields
 * @return stdClass|array Same type as $bookmark but with fields sanitized.
 */
-function sanitize_bookmark($bookmark, $context = 'display') {
- $fields = array('link_id', 'link_url', 'link_name', 'link_image', 'link_target', 'link_category',
- 'link_description', 'link_visible', 'link_owner', 'link_rating', 'link_updated',
- 'link_rel', 'link_notes', 'link_rss', );
+function sanitize_bookmark( $bookmark, $context = 'display' ) {
+ $fields = array(
+ 'link_id',
+ 'link_url',
+ 'link_name',
+ 'link_image',
+ 'link_target',
+ 'link_category',
+ 'link_description',
+ 'link_visible',
+ 'link_owner',
+ 'link_rating',
+ 'link_updated',
+ 'link_rel',
+ 'link_notes',
+ 'link_rss',
+ );
- if ( is_object($bookmark) ) {
+ if ( is_object( $bookmark ) ) {
 $do_object = true;
- $link_id = $bookmark->link_id;
+ $link_id = $bookmark->link_id;
 } else {
 $do_object = false;
- $link_id = $bookmark['link_id'];
+ $link_id = $bookmark['link_id'];
 }
 foreach ( $fields as $field ) {
 if ( $do_object ) {
- if ( isset($bookmark->$field) )
- $bookmark->$field = sanitize_bookmark_field($field, $bookmark->$field, $link_id, $context);
+ if ( isset( $bookmark->$field ) ) {
+ $bookmark->$field = sanitize_bookmark_field( $field, $bookmark->$field, $link_id, $context );
+ }
 } else {
- if ( isset($bookmark[$field]) )
- $bookmark[$field] = sanitize_bookmark_field($field, $bookmark[$field], $link_id, $context);
+ if ( isset( $bookmark[ $field ] ) ) {
+ $bookmark[ $field ] = sanitize_bookmark_field( $field, $bookmark[ $field ], $link_id, $context );
+ }
 }
 }
@@ -358,28 +383,30 @@
 */
 function sanitize_bookmark_field( $field, $value, $bookmark_id, $context ) {
 switch ( $field ) {
- case 'link_id' : // ints
- case 'link_rating' :
- $value = (int) $value;
- break;
- case 'link_category' : // array( ints )
- $value = array_map('absint', (array) $value);
- // We return here so that the categories aren't filtered.
- // The 'link_category' filter is for the name of a link category, not an array of a link's link categories
- return $value;
+ case 'link_id': // ints
+ case 'link_rating':
+ $value = (int) $value;
+ break;
+ case 'link_category': // array( ints )
+ $value = array_map( 'absint', (array) $value );
+ // We return here so that the categories aren't filtered.
+ // The 'link_category' filter is for the name of a link category, not an array of a link's link categories
+ return $value;
- case 'link_visible' : // bool stored as Y|N
- $value = preg_replace('/[^YNyn]/', '', $value);
- break;
- case 'link_target' : // "enum"
- $targets = array('_top', '_blank');
- if ( ! in_array($value, $targets) )
- $value = '';
- break;
+ case 'link_visible': // bool stored as Y|N
+ $value = preg_replace( '/[^YNyn]/', '', $value );
+ break;
+ case 'link_target': // "enum"
+ $targets = array( '_top', '_blank' );
+ if ( ! in_array( $value, $targets ) ) {
+ $value = '';
+ }
+ break;
 }
- if ( 'raw' == $context )
+ if ( 'raw' == $context ) {
 return $value;
+ }
 if ( 'edit' == $context ) {
 /** This filter is documented in wp-includes/post.php */
@@ -388,7 +415,7 @@
 if ( 'link_notes' == $field ) {
 $value = esc_html( $value ); // textarea_escaped
 } else {
- $value = esc_attr($value);
+ $value = esc_attr( $value );
 }
 } elseif ( 'db' == $context ) {
 /** This filter is documented in wp-includes/post.php */
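Review bot: The `link_target` allowlist in the `@@ -358` hunk still calls `in_array( $value, $targets )` without the strict flag, so the membership test uses loose comparison: a boolean `true` compares equal to `'_top'`, and on PHP versions before 8 so does integer `0`, which lets a non-string value through the "enum" check unchanged. Passing the third argument closes that gap: `if ( ! in_array( $value, $targets, true ) ) {`. The same function compares `$context` and `$field` with `==` against string literals; switching those to `===` would be consistent, though it matters less there. The body of sanitize_bookmark_field() continues past the end of this hunk.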
@@ -417,5 +444,5 @@
 function clean_bookmark_cache( $bookmark_id ) {
 wp_cache_delete( $bookmark_id, 'bookmark' );
 wp_cache_delete( 'get_bookmarks', 'bookmark' );
- clean_object_term_cache( $bookmark_id, 'link');
+ clean_object_term_cache( $bookmark_id, 'link' );
 }