1745 $q['s'] = stripslashes($q['s']); |
1726 $q['s'] = stripslashes($q['s']); |
1746 if ( !empty($q['sentence']) ) { |
1727 if ( !empty($q['sentence']) ) { |
1747 $q['search_terms'] = array($q['s']); |
1728 $q['search_terms'] = array($q['s']); |
1748 } else { |
1729 } else { |
1749 preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $q['s'], $matches); |
1730 preg_match_all('/".*?("|$)|((?<=[\\s",+])|^)[^\\s",+]+/', $q['s'], $matches); |
1750 $q['search_terms'] = array_map(create_function('$a', 'return trim($a, "\\"\'\\n\\r ");'), $matches[0]); |
1731 $q['search_terms'] = array_map('_search_terms_tidy', $matches[0]); |
1751 } |
1732 } |
1752 $n = !empty($q['exact']) ? '' : '%'; |
1733 $n = !empty($q['exact']) ? '' : '%'; |
1753 $searchand = ''; |
1734 $searchand = ''; |
1754 foreach( (array) $q['search_terms'] as $term) { |
1735 foreach( (array) $q['search_terms'] as $term) { |
1755 $term = addslashes_gpc($term); |
1736 $term = addslashes_gpc($term); |
1756 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))"; |
1737 $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))"; |
1757 $searchand = ' AND '; |
1738 $searchand = ' AND '; |
1758 } |
1739 } |
1759 $term = $wpdb->escape($q['s']); |
1740 $term = esc_sql($q['s']); |
1760 if (empty($q['sentence']) && count($q['search_terms']) > 1 && $q['search_terms'][0] != $q['s'] ) |
1741 if (empty($q['sentence']) && count($q['search_terms']) > 1 && $q['search_terms'][0] != $q['s'] ) |
1761 $search .= " OR ($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}')"; |
1742 $search .= " OR ($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}')"; |
1762 |
1743 |
1763 if ( !empty($search) ) { |
1744 if ( !empty($search) ) { |
1764 $search = " AND ({$search}) "; |
1745 $search = " AND ({$search}) "; |
1801 $include_cats = "'" . implode("', '", $q['category__in']) . "'"; |
1782 $include_cats = "'" . implode("', '", $q['category__in']) . "'"; |
1802 $whichcat .= " AND $wpdb->term_taxonomy.term_id IN ($include_cats) "; |
1783 $whichcat .= " AND $wpdb->term_taxonomy.term_id IN ($include_cats) "; |
1803 } |
1784 } |
1804 |
1785 |
1805 if ( !empty($q['category__not_in']) ) { |
1786 if ( !empty($q['category__not_in']) ) { |
1806 if ( $wpdb->has_cap( 'subqueries' ) ) { |
1787 $cat_string = "'" . implode("', '", $q['category__not_in']) . "'"; |
1807 $cat_string = "'" . implode("', '", $q['category__not_in']) . "'"; |
1788 $whichcat .= " AND $wpdb->posts.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships AS tr INNER JOIN $wpdb->term_taxonomy AS tt ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy = 'category' AND tt.term_id IN ($cat_string) )"; |
1808 $whichcat .= " AND $wpdb->posts.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships AS tr INNER JOIN $wpdb->term_taxonomy AS tt ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy = 'category' AND tt.term_id IN ($cat_string) )"; |
|
1809 } else { |
|
1810 $ids = get_objects_in_term($q['category__not_in'], 'category'); |
|
1811 if ( !is_wp_error($ids) && is_array($ids) && count($ids) > 0 ) |
|
1812 $whichcat .= " AND $wpdb->posts.ID NOT IN ('" . implode("', '", $ids) . "')"; |
|
1813 } |
|
1814 } |
1789 } |
1815 |
1790 |
1816 // Category stuff for nice URLs |
1791 // Category stuff for nice URLs |
1817 if ( '' != $q['category_name'] && !$this->is_singular ) { |
1792 if ( '' != $q['category_name'] && !$this->is_singular ) { |
1818 $q['category_name'] = implode('/', array_map('sanitize_title', explode('/', $q['category_name']))); |
1793 $q['category_name'] = implode('/', array_map('sanitize_title', explode('/', $q['category_name']))); |
1891 if ( !empty($reqtag) ) |
1866 if ( !empty($reqtag) ) |
1892 $q['tag_id'] = $reqtag->term_id; |
1867 $q['tag_id'] = $reqtag->term_id; |
1893 } |
1868 } |
1894 |
1869 |
1895 if ( !empty($q['tag__not_in']) ) { |
1870 if ( !empty($q['tag__not_in']) ) { |
1896 if ( $wpdb->has_cap( 'subqueries' ) ) { |
1871 $tag_string = "'" . implode("', '", $q['tag__not_in']) . "'"; |
1897 $tag_string = "'" . implode("', '", $q['tag__not_in']) . "'"; |
1872 $whichcat .= " AND $wpdb->posts.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships AS tr INNER JOIN $wpdb->term_taxonomy AS tt ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy = 'post_tag' AND tt.term_id IN ($tag_string) )"; |
1898 $whichcat .= " AND $wpdb->posts.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships AS tr INNER JOIN $wpdb->term_taxonomy AS tt ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy = 'post_tag' AND tt.term_id IN ($tag_string) )"; |
|
1899 } else { |
|
1900 $ids = get_objects_in_term($q['tag__not_in'], 'post_tag'); |
|
1901 if ( !is_wp_error($ids) && is_array($ids) && count($ids) > 0 ) |
|
1902 $whichcat .= " AND $wpdb->posts.ID NOT IN ('" . implode("', '", $ids) . "')"; |
|
1903 } |
|
1904 } |
1873 } |
1905 |
1874 |
1906 // Tag and slug intersections. |
1875 // Tag and slug intersections. |
1907 $intersections = array('category__and' => 'category', 'tag__and' => 'post_tag', 'tag_slug__and' => 'post_tag', 'tag__in' => 'post_tag', 'tag_slug__in' => 'post_tag'); |
1876 $intersections = array('category__and' => 'category', 'tag__and' => 'post_tag', 'tag_slug__and' => 'post_tag', 'tag__in' => 'post_tag', 'tag_slug__in' => 'post_tag'); |
1908 $tagin = array('tag__in', 'tag_slug__in'); // These are used to make some exceptions below |
1877 $tagin = array('tag__in', 'tag_slug__in'); // These are used to make some exceptions below |
2027 $q['orderby'] = "$wpdb->posts.post_date ".$q['order']; |
1996 $q['orderby'] = "$wpdb->posts.post_date ".$q['order']; |
2028 } elseif ( 'none' == $q['orderby'] ) { |
1997 } elseif ( 'none' == $q['orderby'] ) { |
2029 $q['orderby'] = ''; |
1998 $q['orderby'] = ''; |
2030 } else { |
1999 } else { |
2031 // Used to filter values |
2000 // Used to filter values |
2032 $allowed_keys = array('author', 'date', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand'); |
2001 $allowed_keys = array('author', 'date', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand', 'comment_count'); |
2033 if ( !empty($q['meta_key']) ) { |
2002 if ( !empty($q['meta_key']) ) { |
2034 $allowed_keys[] = $q['meta_key']; |
2003 $allowed_keys[] = $q['meta_key']; |
2035 $allowed_keys[] = 'meta_value'; |
2004 $allowed_keys[] = 'meta_value'; |
2036 } |
2005 } |
2037 $q['orderby'] = urldecode($q['orderby']); |
2006 $q['orderby'] = urldecode($q['orderby']); |
2068 |
2040 |
2069 if ( empty($q['orderby']) ) |
2041 if ( empty($q['orderby']) ) |
2070 $q['orderby'] = "$wpdb->posts.post_date ".$q['order']; |
2042 $q['orderby'] = "$wpdb->posts.post_date ".$q['order']; |
2071 } |
2043 } |
2072 |
2044 |
|
2045 if ( is_array($post_type) ) |
|
2046 $post_type_cap = 'multiple_post_type'; |
|
2047 else |
|
2048 $post_type_cap = $post_type; |
|
2049 |
|
2050 $exclude_post_types = ''; |
|
2051 foreach ( get_post_types( array('exclude_from_search' => true) ) as $_wp_post_type ) |
|
2052 $exclude_post_types .= $wpdb->prepare(" AND $wpdb->posts.post_type != %s", $_wp_post_type); |
|
2053 |
2073 if ( 'any' == $post_type ) { |
2054 if ( 'any' == $post_type ) { |
2074 $where .= " AND $wpdb->posts.post_type != 'revision'"; |
2055 $where .= $exclude_post_types; |
|
2056 } elseif ( !empty( $post_type ) && is_array( $post_type ) ) { |
|
2057 $where .= " AND $wpdb->posts.post_type IN ('" . join("', '", $post_type) . "')"; |
|
2058 } elseif ( ! empty( $post_type ) ) { |
|
2059 $where .= " AND $wpdb->posts.post_type = '$post_type'"; |
2075 } elseif ( $this->is_attachment ) { |
2060 } elseif ( $this->is_attachment ) { |
2076 $where .= " AND $wpdb->posts.post_type = 'attachment'"; |
2061 $where .= " AND $wpdb->posts.post_type = 'attachment'"; |
|
2062 $post_type_cap = 'post'; |
2077 } elseif ($this->is_page) { |
2063 } elseif ($this->is_page) { |
2078 $where .= " AND $wpdb->posts.post_type = 'page'"; |
2064 $where .= " AND $wpdb->posts.post_type = 'page'"; |
2079 } elseif ($this->is_single) { |
2065 $post_type_cap = 'page'; |
|
2066 } else { |
2080 $where .= " AND $wpdb->posts.post_type = 'post'"; |
2067 $where .= " AND $wpdb->posts.post_type = 'post'"; |
2081 } else { |
2068 $post_type_cap = 'post'; |
2082 $where .= " AND $wpdb->posts.post_type = '$post_type'"; |
|
2083 } |
2069 } |
2084 |
2070 |
2085 if ( isset($q['post_status']) && '' != $q['post_status'] ) { |
2071 if ( isset($q['post_status']) && '' != $q['post_status'] ) { |
2086 $statuswheres = array(); |
2072 $statuswheres = array(); |
2087 $q_status = explode(',', $q['post_status']); |
2073 $q_status = explode(',', $q['post_status']); |
2088 $r_status = array(); |
2074 $r_status = array(); |
2089 $p_status = array(); |
2075 $p_status = array(); |
2090 if ( in_array( 'draft' , $q_status ) ) |
2076 if ( $q['post_status'] == 'any' ) { |
2091 $r_status[] = "$wpdb->posts.post_status = 'draft'"; |
2077 // @todo Use register_post_status() data to determine which states should be excluded. |
2092 if ( in_array( 'pending', $q_status ) ) |
2078 $r_status[] = "$wpdb->posts.post_status <> 'trash'"; |
2093 $r_status[] = "$wpdb->posts.post_status = 'pending'"; |
2079 } else { |
2094 if ( in_array( 'future' , $q_status ) ) |
2080 if ( in_array( 'draft' , $q_status ) ) |
2095 $r_status[] = "$wpdb->posts.post_status = 'future'"; |
2081 $r_status[] = "$wpdb->posts.post_status = 'draft'"; |
2096 if ( in_array( 'inherit' , $q_status ) ) |
2082 if ( in_array( 'pending', $q_status ) ) |
2097 $r_status[] = "$wpdb->posts.post_status = 'inherit'"; |
2083 $r_status[] = "$wpdb->posts.post_status = 'pending'"; |
2098 if ( in_array( 'private', $q_status ) ) |
2084 if ( in_array( 'future' , $q_status ) ) |
2099 $p_status[] = "$wpdb->posts.post_status = 'private'"; |
2085 $r_status[] = "$wpdb->posts.post_status = 'future'"; |
2100 if ( in_array( 'publish', $q_status ) ) |
2086 if ( in_array( 'inherit' , $q_status ) ) |
2101 $r_status[] = "$wpdb->posts.post_status = 'publish'"; |
2087 $r_status[] = "$wpdb->posts.post_status = 'inherit'"; |
|
2088 if ( in_array( 'private', $q_status ) ) |
|
2089 $p_status[] = "$wpdb->posts.post_status = 'private'"; |
|
2090 if ( in_array( 'publish', $q_status ) ) |
|
2091 $r_status[] = "$wpdb->posts.post_status = 'publish'"; |
|
2092 if ( in_array( 'trash', $q_status ) ) |
|
2093 $r_status[] = "$wpdb->posts.post_status = 'trash'"; |
|
2094 } |
2102 |
2095 |
2103 if ( empty($q['perm'] ) || 'readable' != $q['perm'] ) { |
2096 if ( empty($q['perm'] ) || 'readable' != $q['perm'] ) { |
2104 $r_status = array_merge($r_status, $p_status); |
2097 $r_status = array_merge($r_status, $p_status); |
2105 unset($p_status); |
2098 unset($p_status); |
2106 } |
2099 } |
2107 |
2100 |
2108 if ( !empty($r_status) ) { |
2101 if ( !empty($r_status) ) { |
2109 if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can("edit_others_{$post_type}s") ) |
2102 if ( !empty($q['perm'] ) && 'editable' == $q['perm'] && !current_user_can("edit_others_{$post_type_cap}s") ) |
2110 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $r_status ) . "))"; |
2103 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $r_status ) . "))"; |
2111 else |
2104 else |
2112 $statuswheres[] = "(" . join( ' OR ', $r_status ) . ")"; |
2105 $statuswheres[] = "(" . join( ' OR ', $r_status ) . ")"; |
2113 } |
2106 } |
2114 if ( !empty($p_status) ) { |
2107 if ( !empty($p_status) ) { |
2115 if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can("read_private_{$post_type}s") ) |
2108 if ( !empty($q['perm'] ) && 'readable' == $q['perm'] && !current_user_can("read_private_{$post_type_cap}s") ) |
2116 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $p_status ) . "))"; |
2109 $statuswheres[] = "($wpdb->posts.post_author = $user_ID " . "AND (" . join( ' OR ', $p_status ) . "))"; |
2117 else |
2110 else |
2118 $statuswheres[] = "(" . join( ' OR ', $p_status ) . ")"; |
2111 $statuswheres[] = "(" . join( ' OR ', $p_status ) . ")"; |
2119 } |
2112 } |
2120 if ( $post_status_join ) { |
2113 if ( $post_status_join ) { |
2287 // User must be logged in to view unpublished posts. |
2280 // User must be logged in to view unpublished posts. |
2288 $this->posts = array(); |
2281 $this->posts = array(); |
2289 } else { |
2282 } else { |
2290 if (in_array($status, array('draft', 'pending')) ) { |
2283 if (in_array($status, array('draft', 'pending')) ) { |
2291 // User must have edit permissions on the draft to preview. |
2284 // User must have edit permissions on the draft to preview. |
2292 if (! current_user_can('edit_post', $this->posts[0]->ID)) { |
2285 if (! current_user_can("edit_$post_type_cap", $this->posts[0]->ID)) { |
2293 $this->posts = array(); |
2286 $this->posts = array(); |
2294 } else { |
2287 } else { |
2295 $this->is_preview = true; |
2288 $this->is_preview = true; |
2296 $this->posts[0]->post_date = current_time('mysql'); |
2289 $this->posts[0]->post_date = current_time('mysql'); |
2297 } |
2290 } |
2298 } else if ('future' == $status) { |
2291 } else if ('future' == $status) { |
2299 $this->is_preview = true; |
2292 $this->is_preview = true; |
2300 if (!current_user_can('edit_post', $this->posts[0]->ID)) { |
2293 if (!current_user_can("edit_$post_type_cap", $this->posts[0]->ID)) { |
2301 $this->posts = array ( ); |
2294 $this->posts = array ( ); |
2302 } |
2295 } |
2303 } else { |
2296 } else { |
2304 if (! current_user_can('read_post', $this->posts[0]->ID)) |
2297 if (! current_user_can("read_$post_type_cap", $this->posts[0]->ID)) |
2305 $this->posts = array(); |
2298 $this->posts = array(); |
2306 } |
2299 } |
2307 } |
2300 } |
2308 } |
2301 } |
2309 |
2302 |
2310 if ( $this->is_preview && current_user_can( "edit_{$post_type}", $this->posts[0]->ID ) ) |
2303 if ( $this->is_preview && current_user_can( "edit_{$post_type_cap}", $this->posts[0]->ID ) ) |
2311 $this->posts[0] = apply_filters('the_preview', $this->posts[0]); |
2304 $this->posts[0] = apply_filters('the_preview', $this->posts[0]); |
2312 } |
2305 } |
2313 |
2306 |
2314 // Put sticky posts at the top of the posts array |
2307 // Put sticky posts at the top of the posts array |
2315 $sticky_posts = get_option('sticky_posts'); |
2308 $sticky_posts = get_option('sticky_posts'); |
2333 } |
2326 } |
2334 |
2327 |
2335 // Fetch sticky posts that weren't in the query results |
2328 // Fetch sticky posts that weren't in the query results |
2336 if ( !empty($sticky_posts) ) { |
2329 if ( !empty($sticky_posts) ) { |
2337 $stickies__in = implode(',', array_map( 'absint', $sticky_posts )); |
2330 $stickies__in = implode(',', array_map( 'absint', $sticky_posts )); |
2338 $stickies = $wpdb->get_results( "SELECT * FROM $wpdb->posts WHERE $wpdb->posts.ID IN ($stickies__in)" ); |
2331 // honor post type(s) if not set to any |
|
2332 $stickies_where = ''; |
|
2333 if ( 'any' != $post_type && '' != $post_type ) { |
|
2334 if ( is_array( $post_type ) ) { |
|
2335 $post_types = join( "', '", $post_type ); |
|
2336 } else { |
|
2337 $post_types = $post_type; |
|
2338 } |
|
2339 $stickies_where = "AND $wpdb->posts.post_type IN ('" . $post_types . "')"; |
|
2340 } |
|
2341 $stickies = $wpdb->get_results( "SELECT * FROM $wpdb->posts WHERE $wpdb->posts.ID IN ($stickies__in) $stickies_where" ); |
2339 /** @todo Make sure post is published or viewable by the current user */ |
2342 /** @todo Make sure post is published or viewable by the current user */ |
2340 foreach ( $stickies as $sticky_post ) { |
2343 foreach ( $stickies as $sticky_post ) { |
2341 if ( 'publish' != $sticky_post->post_status ) |
2344 if ( 'publish' != $sticky_post->post_status ) |
2342 continue; |
2345 continue; |
2343 array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); |
2346 array_splice($this->posts, $sticky_offset, 0, array($sticky_post)); |