_escape example


function esc_sql( $data ) {
    global $wpdb;
    return $wpdb->_escape( $data );
}

/** * Checks and cleans a URL. * * A number of characters are removed from the URL. If the URL is for displaying * (the default behavior) ampersands are also replaced. The {@see 'clean_url'} filter * is applied to the returned cleaned URL. * * @since 2.8.0 * * @param string $url The URL to be cleaned. * @param string[] $protocols Optional. An array of acceptable protocols. * Defaults to return value of wp_allowed_protocols(). * @param string $_context Private. Use sanitize_url() for database usage. * @return string The cleaned URL after the {@see 'clean_url'} filter is applied. * An empty string is returned if `$url` specifies a protocol other than * those in `$protocols`, or if `$url` contains an empty string. */

    public function _escape( $data ) {
        if ( is_array( $data ) ) {
            foreach ( $data as $k => $v ) {
                if ( is_array( $v ) ) {
                    $data[ $k ] = $this->_escape( $v );
                } else {
                    $data[ $k ] = $this->_real_escape( $v );
                }
            }
        } else {
            $data = $this->_real_escape( $data );
        }

        return $data;
    }

    
// Parse site network IDs for a NOT IN clause.         if ( ! empty( $this->query_vars['network__not_in'] ) ) {
            $this->sql_clauses['where']['network__not_in'] = 'site_id NOT IN ( ' . implode( ',', wp_parse_id_list( $this->query_vars['network__not_in'] ) ) . ' )';
        }

        if ( ! empty( $this->query_vars['domain'] ) ) {
            $this->sql_clauses['where']['domain'] = $wpdb->prepare( 'domain = %s', $this->query_vars['domain'] );
        }

        // Parse site domain for an IN clause.         if ( is_array( $this->query_vars['domain__in'] ) ) {
            $this->sql_clauses['where']['domain__in'] = "domain IN ( '" . implode( "', '", $wpdb->_escape( $this->query_vars['domain__in'] ) ) . "' )";
        }

        // Parse site domain for a NOT IN clause.         if ( is_array( $this->query_vars['domain__not_in'] ) ) {
            $this->sql_clauses['where']['domain__not_in'] = "domain NOT IN ( '" . implode( "', '", $wpdb->_escape( $this->query_vars['domain__not_in'] ) ) . "' )";
        }

        if ( ! empty( $this->query_vars['path'] ) ) {
            $this->sql_clauses['where']['path'] = $wpdb->prepare( 'path = %s', $this->query_vars['path'] );
        }

        
// Parse network IDs for a NOT IN clause.         if ( ! empty( $this->query_vars['network__not_in'] ) ) {
            $this->sql_clauses['where']['network__not_in'] = "$wpdb->site.id NOT IN ( " . implode( ',', wp_parse_id_list( $this->query_vars['network__not_in'] ) ) . ' )';
        }

        if ( ! empty( $this->query_vars['domain'] ) ) {
            $this->sql_clauses['where']['domain'] = $wpdb->prepare( "$wpdb->site.domain = %s", $this->query_vars['domain'] );
        }

        // Parse network domain for an IN clause.         if ( is_array( $this->query_vars['domain__in'] ) ) {
            $this->sql_clauses['where']['domain__in'] = "$wpdb->site.domain IN ( '" . implode( "', '", $wpdb->_escape( $this->query_vars['domain__in'] ) ) . "' )";
        }

        // Parse network domain for a NOT IN clause.         if ( is_array( $this->query_vars['domain__not_in'] ) ) {
            $this->sql_clauses['where']['domain__not_in'] = "$wpdb->site.domain NOT IN ( '" . implode( "', '", $wpdb->_escape( $this->query_vars['domain__not_in'] ) ) . "' )";
        }

        if ( ! empty( $this->query_vars['path'] ) ) {
            $this->sql_clauses['where']['path'] = $wpdb->prepare( "$wpdb->site.path = %s", $this->query_vars['path'] );
        }

        
Home | Imprint | This part of the site doesn't use cookies.