Prepare DB queries in more places. Props filosofo. see #6644

git-svn-id: https://develop.svn.wordpress.org/trunk@7645 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren
2008-04-14 16:13:25 +00:00
parent 32e9822516
commit fdc05b24f6
24 changed files with 153 additions and 166 deletions

View File

@@ -12,8 +12,7 @@ if ( !empty( $_REQUEST['delete_comments'] ) ) {
$comments_deleted = $comments_approved = $comments_unapproved = $comments_spammed = 0;
foreach ($_REQUEST['delete_comments'] as $comment) : // Check the permissions on each
$comment = (int) $comment;
$post_id = (int) $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
// $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
$post_id = (int) $wpdb->get_var( $wpdb->prepare( "SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = %d", $comment) );
if ( !current_user_can('edit_post', $post_id) )
continue;
if ( !empty( $_REQUEST['spamit'] ) ) {