Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
/** see attached meta.php for usage sample **/
function is_valid_id( $id ) {
// added for a fallback if filter_var is disabled for php build
if ( function_exists( 'filter_var' ) ) {
$default_opts = array(
'options' => array(
'default' => false, // value to return if the filter fails
'min_range' => 1,
'max_range' => PHP_INT_MAX
)
);
apply_filters( ‘is_valid_id_options’, $default_opts ); // alternate filter name: 'filter_var_args'
// will cast as an int OR return false if value is not an (int)
$checked = filter_var( $id, FILTER_VALIDATE_INT, $default_opts );
} else {
// if the id is a collection of only digits, not zero & not starting w/ zero
if ( preg_match( '/^[^0][0-9]+$/', $id, $matches ) ) {
// set checked val (could typecast as (int) if you want but be aware of BIGINT issues or (float) ).
$checked = $matches[0];
} else {
// set checked as falsey (or throw exception )
$checked = false;
}
}
return $checked;
}
function get_is_valid_id($id){
$checked = is_valid_id($id);
return apply_filters('is_valid_id', $checked, $id);
}
<?php
function get_meta_data($meta_type, $object_id, $meta_key = '', $single = false){
// first make sure $object_id is set
if ( ! $meta_type || ! $object_id ) {
return false;
}
/**
* REMOVED/REPLACED if ( ! is_numeric($object_id) )
* Using the wrapper function that allows a developer to
* filter the sanitization/validation of the ID value.
**/
$object_id = get_is_valid_id($object_id);
if( ! $object_id ){
return false;
}
$check = apply_filters( "get_{$meta_type}_metadata", null, $object_id, $meta_key, $single );
if ( null !== $check ) {
if ( $single && is_array( $check ) )
return $check[0];
else
return $check;
}
// this will now grab the record we added earlier on line 37 of 1_create_post_object.php
// previously it would not passed the is_numeric() check
$meta_cache = wp_cache_get($object_id, $meta_type . '_meta');
if ( !$meta_cache ) {
$meta_cache = update_meta_cache( $meta_type, array( $object_id ) );
$meta_cache = $meta_cache[$object_id];
}
if ( ! $meta_key ) {
return $meta_cache;
}
if ( isset($meta_cache[$meta_key]) ) {
if ( $single )
return maybe_unserialize( $meta_cache[$meta_key][0] );
else
return array_map('maybe_unserialize', $meta_cache[$meta_key]);
}
if ($single)
return '';
else
return array();
}
function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_value = '') {
global $wpdb;
if ( ! $meta_type || ! $meta_key ) {
return false;
}
/**
* No filter allowed here because we are adding content to the DB and that's risky
**/
$object_id = is_valid_id( $object_id );
if ( ! $object_id ) {
return false;
}
$table = _get_meta_table( $meta_type );
if ( ! $table ) {
return false;
}
$column = sanitize_key($meta_type . '_id');
$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
// expected_slashed ($meta_key)
$raw_meta_key = $meta_key;
$meta_key = wp_unslash($meta_key);
$passed_value = $meta_value;
$meta_value = wp_unslash($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
/**
* Filters whether to update metadata of a specific type.
*
* The dynamic portion of the hook, `$meta_type`, refers to the meta
* object type (comment, post, or user). Returning a non-null value
* will effectively short-circuit the function.
*
* @since 3.1.0
*
* @param null|bool $check Whether to allow updating metadata for the given type.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value. Must be serializable if non-scalar.
* @param mixed $prev_value Optional. If specified, only update existing
* metadata entries with the specified value.
* Otherwise, update all entries.
*/
$check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
if ( null !== $check )
return (bool) $check;
// Compare existing value to new value if no prev value given and the key exists only once.
if ( empty($prev_value) ) {
$old_value = get_metadata($meta_type, $object_id, $meta_key);
if ( count($old_value) == 1 ) {
if ( $old_value[0] === $meta_value )
return false;
}
}
$meta_ids = $wpdb->get_col( $wpdb->prepare( "SELECT $id_column FROM $table WHERE meta_key = %s AND $column = %d", $meta_key, $object_id ) );
if ( empty( $meta_ids ) ) {
return add_metadata( $meta_type, $object_id, $raw_meta_key, $passed_value );
}
$_meta_value = $meta_value;
$meta_value = maybe_serialize( $meta_value );
$data = compact( 'meta_value' );
$where = array( $column => $object_id, 'meta_key' => $meta_key );
if ( !empty( $prev_value ) ) {
$prev_value = maybe_serialize($prev_value);
$where['meta_value'] = $prev_value;
}
foreach ( $meta_ids as $meta_id ) {
/**
* Fires immediately before updating metadata of a specific type.
*
* The dynamic portion of the hook, `$meta_type`, refers to the meta
* object type (comment, post, or user).
*
* @since 2.9.0
*
* @param int $meta_id ID of the metadata entry to update.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value.
*/
do_action( "update_{$meta_type}_meta", $meta_id, $object_id, $meta_key, $_meta_value );
if ( 'post' == $meta_type ) {
/**
* Fires immediately before updating a post's metadata.
*
* @since 2.9.0
*
* @param int $meta_id ID of metadata entry to update.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value.
*/
do_action( 'update_postmeta', $meta_id, $object_id, $meta_key, $meta_value );
}
}
$result = $wpdb->update( $table, $data, $where );
if ( ! $result )
return false;
wp_cache_delete($object_id, $meta_type . '_meta');
foreach ( $meta_ids as $meta_id ) {
/**
* Fires immediately after updating metadata of a specific type.
*
* The dynamic portion of the hook, `$meta_type`, refers to the meta
* object type (comment, post, or user).
*
* @since 2.9.0
*
* @param int $meta_id ID of updated metadata entry.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value.
*/
do_action( "updated_{$meta_type}_meta", $meta_id, $object_id, $meta_key, $_meta_value );
if ( 'post' == $meta_type ) {
/**
* Fires immediately after updating a post's metadata.
*
* @since 2.9.0
*
* @param int $meta_id ID of updated metadata entry.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value.
*/
do_action( 'updated_postmeta', $meta_id, $object_id, $meta_key, $meta_value );
}
}
return true;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment