No! WordPress will not protect against SQL injection in this case. You need to do so yourself, using $wpdb->esc_like and $wpdb->prepare: if ( isset( $_GET[‘q’] ) ) { // WordPress forces magic quotes (god knows why), unslash it $value = wp_unslash( ( string ) $_GET[‘q’] ); // Escape like wildcards so that MySQL interprets them … Read more
An easy query like the following should work for you: <?php $_query = new WP_Query( array( ‘post_type’ => ‘post’, ‘posts_per_page’ => -1, ‘post_status’ => ‘publish’, ‘meta_query’ => array( ‘relation’ => ‘OR’, array( ‘key’ => ‘key1’ ), array( ‘key’ => ‘key2’ ), ), ) ); ?> Note the ‘relation’=>’OR’ in meta_query. More at: WP_Query – Custom … Read more
// add the schedule event if it has been removed if( ! wp_next_scheduled( ‘mg_remove_old_entries’ ) ) { wp_schedule_event( time(), ‘daily’, ‘mg_remove_old_entries’ ); //run the event daily } // action hooked to fired with wordpress cron job add_action( ‘mg_remove_old_entries’, ‘mg_remove_old_entries’ ); function mg_remove_old_entries() { $posts = get_posts( [ ‘numberposts’ => -1, ‘post_type’ => ‘vfb_entry’, ‘date_query’ => … Read more
I would check the output of $querystr. It looks like you have the table name twice. $wpdb->postmeta resolves to something like wp_postmeta and then you have postmeta again. This gives you wp_postmetapostmeta which isn’t a valid table. I highly recommend you try out Debug Bar. It greatly simplifies query debugging.
Custom field data is stored in the postmeta table, and it’s likely that scanning through this table is causing slowness. You should: install the debug bar plugin which will give you more insight into the queries that are being executed against the database – you’ll be able to see how long each query takes, and … Read more
The WPDB prepare method is what you’re after, as this will prep your data for passing to a query and also ensure data matches the type its intended to be whilst also handling quoting where necessary at the same time. Fixing your code could be a matter of.. $voucher=”MK0186″; $is_in_database = $wpdb->get_results( “SELECT * FROM … Read more
I needed to get post with type event and the custom field “date” later than today, this sample of code worked perfectly for me, I hope it helps to someone in a similar situation. $today = date(“Y-m-d”); $today1 = date(“Ymd”, strtotime(“$today”)); $custom_meta = array( array( ‘key’ => ‘data_de_inicio’, ‘value’=>$today1, ‘compare’=>’>’, ‘type’=>’date’, ), ); $query = … Read more
You have not stated how the selection works, but you need to have some kind of conditional set when a specific month is selected and when a year archive is selected. I also do not know where get_the_time comes in or its relevance to the query. But anyways, there are some other really big issues … Read more
You can use the WP_Query(); to check that like this: $my_query = new WP_Query(); $my_query->query(array( ‘meta_key’ => ‘X’, ‘meta_value’ => ‘Y’)); if ( $my_query->have_posts() ){ //it exists } else { //it’s not here } Hope this helps.
when you use get_users() it retrieves an array of users matching the criteria given in $args which means you can simply use PHP’s count() function e.g: $users = get_users($args); $number_of_users = count($users);