add_magic_quotes() 在 wordpress 中不起作用
add_magic_quotes() is not working in wordpress
这是插件 运行 的代码。它将 CSV 文件数据传递给 MySQL.:
$new_post = array(
'post_title' => $row['Account Name'],
'post_content' => $row['Yellow Page Business Description'],
'post_status' => 'publish',
'post_author' => 1,
'post_type' => 'business',
'post_category' => array(0)
);
try
{
$result = wp_insert_post(add_magic_quotes($new_post), true);
if (is_wp_error($result)) {
$output .= '<p style="color:red;">ERROR LOADING CSV FILE</p>';
$output .= "<p style='color:red;'>Failed to import {$new_post['post_title']}</p>";
$output .= '<pre>'.$result->get_error_message().'</pre>';
}
else
{
$post_id = $result;
MySQL 报告:
[error] WordPress 数据库错误 您的 SQL 语法有误;查看与您的 MySQL 服务器版本对应的手册,了解在 '))) AND (cj_posts.post_password = '') AND cj_posts.post_type = 'business' AND ' 附近使用的正确语法在第 1 行查询 SELECT DISTINCT SQL_CALC_FOUND_ROWS cj_posts.* FROM cj_posts LEFT JOIN cj_term_relationships AS trel ON (cj_posts.ID = trel.object_id) LEFT JOIN cj_term_taxonomy AS ttax ON ( ( ttax.taxonomy = 'category' ) AND trel.term_taxonomy_id = ttax.term_taxonomy_id) LEFT JOIN cj_terms AS tter ON ( ttax.term_id = tter.term_id) LEFT JOIN cj_comments AS cmt ON ( cmt.comment_post_ID = cj_posts.ID ) WHERE 1=1 AND ( ( (())) AND ( cj_posts.post_password = '') AND cj_posts.post_type = 'business' AND (cj_posts.post_status = 'publish')) AND post_type != 'revision') AND post_status != 'future' ORDER BY cj_posts.post_title LIKE '% %' DESC, cj_posts.post_date DESC LIMIT 0, 10 由 require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->查询, WP_Query->get_posts
cj_ 是 WordPress 前缀。
我认为是 magic_quotes 的使用不起作用,因此它将 CSV 数据中的字符传递给 MySQL,但未正确转义。但我不是 100% 确定,也不确定要用什么替代品才能让它发挥作用。
您不需要使用 add_magic_quotes。来自 wp_insert_post 文档:
This function inserts posts (and pages) in the database. It sanitizes variables, does some checks, fills in missing variables like date/time, etc
重点是我的。
https://codex.wordpress.org/Function_Reference/wp_insert_post
add_magic_quotes 本质上是遍历数组并在每个元素上调用 add_slashes。这是完全没有必要的,因为 wp_insert_post 会清理给定的任何输入。无论您希望 add_magic_quotes 解决什么问题,它都不会。
这是插件 运行 的代码。它将 CSV 文件数据传递给 MySQL.:
$new_post = array(
'post_title' => $row['Account Name'],
'post_content' => $row['Yellow Page Business Description'],
'post_status' => 'publish',
'post_author' => 1,
'post_type' => 'business',
'post_category' => array(0)
);
try
{
$result = wp_insert_post(add_magic_quotes($new_post), true);
if (is_wp_error($result)) {
$output .= '<p style="color:red;">ERROR LOADING CSV FILE</p>';
$output .= "<p style='color:red;'>Failed to import {$new_post['post_title']}</p>";
$output .= '<pre>'.$result->get_error_message().'</pre>';
}
else
{
$post_id = $result;
MySQL 报告:
[error] WordPress 数据库错误 您的 SQL 语法有误;查看与您的 MySQL 服务器版本对应的手册,了解在 '))) AND (cj_posts.post_password = '') AND cj_posts.post_type = 'business' AND ' 附近使用的正确语法在第 1 行查询 SELECT DISTINCT SQL_CALC_FOUND_ROWS cj_posts.* FROM cj_posts LEFT JOIN cj_term_relationships AS trel ON (cj_posts.ID = trel.object_id) LEFT JOIN cj_term_taxonomy AS ttax ON ( ( ttax.taxonomy = 'category' ) AND trel.term_taxonomy_id = ttax.term_taxonomy_id) LEFT JOIN cj_terms AS tter ON ( ttax.term_id = tter.term_id) LEFT JOIN cj_comments AS cmt ON ( cmt.comment_post_ID = cj_posts.ID ) WHERE 1=1 AND ( ( (())) AND ( cj_posts.post_password = '') AND cj_posts.post_type = 'business' AND (cj_posts.post_status = 'publish')) AND post_type != 'revision') AND post_status != 'future' ORDER BY cj_posts.post_title LIKE '% %' DESC, cj_posts.post_date DESC LIMIT 0, 10 由 require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->查询, WP_Query->get_posts
cj_ 是 WordPress 前缀。
我认为是 magic_quotes 的使用不起作用,因此它将 CSV 数据中的字符传递给 MySQL,但未正确转义。但我不是 100% 确定,也不确定要用什么替代品才能让它发挥作用。
您不需要使用 add_magic_quotes。来自 wp_insert_post 文档:
This function inserts posts (and pages) in the database. It sanitizes variables, does some checks, fills in missing variables like date/time, etc
重点是我的。
https://codex.wordpress.org/Function_Reference/wp_insert_post
add_magic_quotes 本质上是遍历数组并在每个元素上调用 add_slashes。这是完全没有必要的,因为 wp_insert_post 会清理给定的任何输入。无论您希望 add_magic_quotes 解决什么问题,它都不会。