Jump to content

WordPress plugin I had help writing broken with a recent WP update...


Jim R

Recommended Posts

Let me start by saying, I'm not sure how long this plugin hasn't worked. It's been a few months since I've paid attention to it, but it was never deactivated, so I'm thinking since upgrading to 3.4 or 3.5 because it was November when I noticed it broken. I'm just now getting around to needing it, but I can't locate who helped me write this.

The gist of it is when a Post is posted it pushes the tag/term, which I only use for the names of basketball players, to one of my custom data tables. From that table, I get information to be viewed on the player's Tag archive page above the posts about the player.

Now, when I post, I get the following error messages:

Warning: Missing argument 2 for wpdb::prepare(), called in /home/jwrbloom/public_html/wp-content/plugins/save-on-post/save-on-post.php on line 69 and defined in /home/jwrbloom/public_html/wp-includes/wp-db.php on line 990

Warning: Missing argument 2 for wpdb::prepare(), called in /home/jwrbloom/public_html/wp-content/plugins/save-on-post/save-on-post.php on line 69 and defined in /home/jwrbloom/public_html/wp-includes/wp-db.php on line 990

Warning: Missing argument 2 for wpdb::prepare(), called in /home/jwrbloom/public_html/wp-content/plugins/save-on-post/save-on-post.php on line 69 and defined in /home/jwrbloom/public_html/wp-includes/wp-db.php on line 990

Warning: Cannot modify header information - headers already sent by (output started at /home/jwrbloom/public_html/wp-includes/wp-db.php:990) in /home/jwrbloom/public_html/wp-includes/pluggable.php on line 876

It still posts the Post, but it doesn't push the tag/term to the data table as I need it. It also just sticks on the otherwise blank page, so I have to go back or hit my Dashboard bookmark.

I've made no changes to the code below. I started writing it and received a lot of help on it. The guy who helped me thought through the autosave, as well as my inability to make it work through an array of tags/terms. The functions being referenced in the error messages, I really can't make much of them, so I'd rather not try without getting help.

 

/*
Plugin Name: Save with post
Plugin URI: 
Description: Updates a secondary table in the database when a post is saved.
Version: 0.1
*/[/size][/font][/color]


// Your custom table name
define('S_DB','a_playerRank');


add_action('save_post', '__and_upd_other');
add_action('edit_post', '__and_upd_other');


function __and_upd_other( $post_id ) {
global $wpdb;


if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) return $post_id;
if ( 'page' == $_POST['post_type'] ) {
 if ( !current_user_can( 'edit_page', $post_id ) ) return $post_id;
} 
else {
 if ( !current_user_can( 'edit_post', $post_id ) ) return $post_id;
}
$post_tag = ($_POST['tax_input']['post_tag']) ? $_POST['tax_input']['post_tag'] : '';

if('' != $post_tag) :

 $post_tag = explode(',',$post_tag);

 $ptc = 0;
 // Build string of OR matches for the query
 foreach($post_tag as $tag) {
  $ptc++;
  if($ptc == 1) { $tt = "terms.name = '$tag'"; } 
  else { $tt .= " OR terms.name = '$tag'"; }
 }
 // Get the tag ids and slugs for the saved post
 $tags = $wpdb->get_results("
  SELECT terms.term_id, terms.slug 
  FROM $wpdb->terms as terms
   JOIN $wpdb->term_taxonomy as tax ON tax.term_id = terms.term_id
   JOIN $wpdb->term_relationships as rel ON rel.term_taxonomy_id = tax.term_taxonomy_id
  WHERE rel.object_id = '$post_id'
  AND tax.taxonomy = 'post_tag'
  AND $tt
 ", ARRAY_A);

 // Create 2 empty strings
 $mstr = $lstr = '';

 // Build a case string for the next query
 foreach($tags as $t => $tag) {
  $mstr .= "when '$tag[slug]' then '$tag[term_id]' ";
  $lstr .= "'$tag[slug]',";
 }
 // Unset unused data
 unset($tags);

 // Remove the last comma off the second string
 $lstr = substr($lstr,0,-1);

 // Create the a nifty query to do multiple updates in one query
 $wpdb->query( $wpdb->prepare("
  UPDATE ".S_DB."
  SET ".S_DB.".wpID = case wpSlug
  $mstr end
  WHERE ".S_DB.".wpSlug in($lstr)"));
endif;
return;
}

Link to comment
Share on other sites

A little, but can't make heads or tails of it. As I have dug some more, it's definitely a WP 3.5 issue, and here is what someone posted on WP's forum about his solution:

 

 

The theme file (mentioned in the error) was using $wpdb->prepare in insecure manner. Changing following did the trick. The warning was earlier being issued by wordpress since it now wants developers to parse variables securely instead of directly parsing in the statement. So another argument is a must in $wpdb->prepare call in such cases.

For example you can change

$wpdb->prepare( "SELECT * FROM table WHERE id = $id" );

to

$wpdb->prepare( "SELECT * FROM table WHERE id = %d", $id );

Cheers,

Tushar

 

 

I've posted on the WP forum too with **Missing argument 2 for wpdb::prepare()** in the subject line, hoping to evoke a specific response. The query causing the problem in my instance isn't a simple as WHERE id= . :happy-04:

 

So I'm not really sure how of to apply what's suggested to my code.

Link to comment
Share on other sites

Thanks for taking a look.

 



/*
Plugin Name: Save with post
Plugin URI: 
Description: Updates a secondary table in the database when a post is saved.
Version: 0.1
*/


// Your custom table name
define('S_DB','a_playerRank');


add_action('save_post', '__and_upd_other');
add_action('edit_post', '__and_upd_other');


function __and_upd_other( $post_id ) {
global $wpdb;


if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) return $post_id;
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can( 'edit_page', $post_id ) ) return $post_id;
} 
else {
if ( !current_user_can( 'edit_post', $post_id ) ) return $post_id;
}
$post_tag = ($_POST['tax_input']['post_tag']) ? $_POST['tax_input']['post_tag'] : '';


if('' != $post_tag) :


$post_tag = explode(',',$post_tag);


$ptc = 0;
// Build string of OR matches for the query
foreach($post_tag as $tag) {
$ptc++;
if($ptc == 1) { $tt = "terms.name = '$tag'"; } 
else { $tt .= " OR terms.name = '$tag'"; }
}
// Get the tag ids and slugs for the saved post
$tags = $wpdb->get_results("
SELECT terms.term_id, terms.slug 
FROM $wpdb->terms as terms
JOIN $wpdb->term_taxonomy as tax ON tax.term_id = terms.term_id
JOIN $wpdb->term_relationships as rel ON rel.term_taxonomy_id = tax.term_taxonomy_id
WHERE rel.object_id = '$post_id'
AND tax.taxonomy = 'post_tag'
AND $tt
", ARRAY_A);


// Create 2 empty strings
$mstr = $lstr = '';


// Build a case string for the next query
foreach($tags as $t => $tag) {
$mstr .= "when '$tag[slug]' then '$tag[term_id]' ";
$lstr .= "'$tag[slug]',";
}
// Unset unused data
unset($tags);


// Remove the last comma off the second string
$lstr = substr($lstr,0,-1);


// Create the a nifty query to do multiple updates in one query
$wpdb->query( $wpdb->prepare("
UPDATE ".S_DB."
SET ".S_DB.".wpID = case wpSlug
$mstr end
WHERE ".S_DB.".wpSlug in(%s)"), $lstr);
//old line before switching due 3.5 upgrade  WHERE ".S_DB.".wpSlug in($lstr)"));
endif;
return;
}

Link to comment
Share on other sites

  • 4 years later...

$lstr needs to be the second argument to prepare() not query().

 

I know it's been four years, but it's a subject I'm revisiting as I'm looking to reuse the plugin.  Not sure that line means. 

 

The gist of it is when a Post is posted it pushes the tag/term, which I only use for the names of basketball players, to one of my custom data tables. From that table, I get information to be viewed on the player's Tag archive page above the posts about the player.

 

Thank you.

Link to comment
Share on other sites

That last part, I moved $lstr within the prepare( ) portion, but it still produce what I needed.  

// Create the a nifty query to do multiple updates in one query
$wpdb->query( $wpdb->prepare("
UPDATE ".S_DB."
SET ".S_DB.".wpID = case wpSlug
$mstr end
WHERE ".S_DB.".wpSlug in(%s)",$lstr));
//old line before switching due 3.5 upgrade  WHERE ".S_DB.".wpSlug in($lstr)"));
endif;
return;
}
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.