diff --git a/includes/class-wc-install.php b/includes/class-wc-install.php index 725fe1d47eb..260e6a21923 100644 --- a/includes/class-wc-install.php +++ b/includes/class-wc-install.php @@ -119,7 +119,7 @@ class WC_Install { ), '3.5.2' => array( 'wc_update_352_drop_download_log_fk', - ) + ), ); /** @@ -408,7 +408,8 @@ class WC_Install { include_once dirname( __FILE__ ) . '/admin/wc-admin-functions.php'; $pages = apply_filters( - 'woocommerce_create_pages', array( + 'woocommerce_create_pages', + array( 'shop' => array( 'name' => _x( 'shop', 'Page slug', 'woocommerce' ), 'title' => _x( 'Shop', 'Page title', 'woocommerce' ), @@ -597,21 +598,21 @@ class WC_Install { // Add constraint to download logs if the columns matches. if ( ! empty( $download_permissions_column_type ) && ! empty( $download_log_column_type ) && $download_permissions_column_type === $download_log_column_type ) { - $fk_result = $wpdb->get_row( " - SELECT COUNT(*) AS fk_count + $fk_result = $wpdb->get_row( + "SELECT COUNT(*) AS fk_count FROM information_schema.TABLE_CONSTRAINTS WHERE CONSTRAINT_SCHEMA = '{$wpdb->dbname}' AND CONSTRAINT_NAME = 'fk_{$wpdb->prefix}wc_download_log_permission_id' AND CONSTRAINT_TYPE = 'FOREIGN KEY' - AND TABLE_NAME = '{$wpdb->prefix}wc_download_log' - " ); // WPCS: unprepared SQL ok. + AND TABLE_NAME = '{$wpdb->prefix}wc_download_log'" + ); // WPCS: unprepared SQL ok. if ( 0 === (int) $fk_result->fk_count ) { - $wpdb->query( " - ALTER TABLE `{$wpdb->prefix}wc_download_log` + $wpdb->query( + "ALTER TABLE `{$wpdb->prefix}wc_download_log` ADD CONSTRAINT `fk_{$wpdb->prefix}wc_download_log_permission_id` FOREIGN KEY (`permission_id`) - REFERENCES `{$wpdb->prefix}woocommerce_downloadable_product_permissions` (`permission_id`) ON DELETE CASCADE; - " ); // WPCS: unprepared SQL ok. + REFERENCES `{$wpdb->prefix}woocommerce_downloadable_product_permissions` (`permission_id`) ON DELETE CASCADE;" + ); // WPCS: unprepared SQL ok. } } } @@ -892,7 +893,7 @@ CREATE TABLE {$wpdb->prefix}woocommerce_termmeta ( $tables = self::get_tables(); foreach ( $tables as $table ) { - $wpdb->query( "DROP TABLE IF EXISTS {$table}" ); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + $wpdb->query( "DROP TABLE IF EXISTS {$table}" ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared } } @@ -1404,7 +1405,8 @@ CREATE TABLE {$wpdb->prefix}woocommerce_termmeta ( $skin = new Automatic_Upgrader_Skin(); $upgrader = new Theme_Upgrader( $skin ); $api = themes_api( - 'theme_information', array( + 'theme_information', + array( 'slug' => $theme_slug, 'fields' => array( 'sections' => false ), ) diff --git a/includes/data-stores/class-wc-coupon-data-store-cpt.php b/includes/data-stores/class-wc-coupon-data-store-cpt.php index 507dd0d063c..986b3c5bcc9 100644 --- a/includes/data-stores/class-wc-coupon-data-store-cpt.php +++ b/includes/data-stores/class-wc-coupon-data-store-cpt.php @@ -76,7 +76,8 @@ class WC_Coupon_Data_Store_CPT extends WC_Data_Store_WP implements WC_Coupon_Dat 'post_date' => gmdate( 'Y-m-d H:i:s', $coupon->get_date_created()->getOffsetTimestamp() ), 'post_date_gmt' => gmdate( 'Y-m-d H:i:s', $coupon->get_date_created()->getTimestamp() ), ) - ), true + ), + true ); if ( $coupon_id ) { @@ -191,7 +192,8 @@ class WC_Coupon_Data_Store_CPT extends WC_Data_Store_WP implements WC_Coupon_Dat */ public function delete( &$coupon, $args = array() ) { $args = wp_parse_args( - $args, array( + $args, + array( 'force_delete' => false, ) ); @@ -343,7 +345,8 @@ class WC_Coupon_Data_Store_CPT extends WC_Data_Store_WP implements WC_Coupon_Dat add_post_meta( $id, 'usage_count', $coupon->get_usage_count( 'edit' ), true ); $wpdb->query( $wpdb->prepare( - "UPDATE $wpdb->postmeta SET meta_value = meta_value {$operator} 1 WHERE meta_key = 'usage_count' AND post_id = %d;", // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + "UPDATE $wpdb->postmeta SET meta_value = meta_value {$operator} 1 WHERE meta_key = 'usage_count' AND post_id = %d;", $id ) ); diff --git a/includes/data-stores/class-wc-customer-data-store.php b/includes/data-stores/class-wc-customer-data-store.php index d907e61893c..ecde3db2138 100644 --- a/includes/data-stores/class-wc-customer-data-store.php +++ b/includes/data-stores/class-wc-customer-data-store.php @@ -117,11 +117,13 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat wp_update_user( apply_filters( - 'woocommerce_update_customer_args', array( + 'woocommerce_update_customer_args', + array( 'ID' => $customer->get_id(), 'role' => $customer->get_role(), 'display_name' => $customer->get_display_name(), - ), $customer + ), + $customer ) ); $wp_user = new WP_User( $customer->get_id() ); @@ -186,11 +188,13 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat public function update( &$customer ) { wp_update_user( apply_filters( - 'woocommerce_update_customer_args', array( + 'woocommerce_update_customer_args', + array( 'ID' => $customer->get_id(), 'user_email' => $customer->get_email(), 'display_name' => $customer->get_display_name(), - ), $customer + ), + $customer ) ); @@ -225,7 +229,8 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat } $args = wp_parse_args( - $args, array( + $args, + array( 'reassign' => 0, ) ); @@ -326,7 +331,7 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat global $wpdb; $last_order = $wpdb->get_var( - // phpcs:disable WordPress.WP.PreparedSQL.NotPrepared + // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared "SELECT posts.ID FROM $wpdb->posts AS posts LEFT JOIN {$wpdb->postmeta} AS meta on posts.ID = meta.post_id @@ -359,7 +364,7 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat global $wpdb; $count = $wpdb->get_var( - // phpcs:disable WordPress.WP.PreparedSQL.NotPrepared + // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared "SELECT COUNT(*) FROM $wpdb->posts as posts LEFT JOIN {$wpdb->postmeta} AS meta ON posts.ID = meta.post_id @@ -394,7 +399,7 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat $statuses = array_map( 'esc_sql', wc_get_is_paid_statuses() ); $spent = $wpdb->get_var( - // phpcs:disable WordPress.WP.PreparedSQL.NotPrepared + // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared apply_filters( 'woocommerce_customer_get_total_spent_query', "SELECT SUM(meta2.meta_value) @@ -437,18 +442,23 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat $query = new WP_User_Query( apply_filters( - 'woocommerce_customer_search_customers', array( + 'woocommerce_customer_search_customers', + array( 'search' => '*' . esc_attr( $term ) . '*', 'search_columns' => array( 'user_login', 'user_url', 'user_email', 'user_nicename', 'display_name' ), 'fields' => 'ID', 'number' => $limit, - ), $term, $limit, 'main_query' + ), + $term, + $limit, + 'main_query' ) ); $query2 = new WP_User_Query( apply_filters( - 'woocommerce_customer_search_customers', array( + 'woocommerce_customer_search_customers', + array( 'fields' => 'ID', 'number' => $limit, 'meta_query' => array( @@ -464,7 +474,10 @@ class WC_Customer_Data_Store extends WC_Data_Store_WP implements WC_Customer_Dat 'compare' => 'LIKE', ), ), - ), $term, $limit, 'meta_query' + ), + $term, + $limit, + 'meta_query' ) ); diff --git a/includes/data-stores/class-wc-customer-download-data-store.php b/includes/data-stores/class-wc-customer-download-data-store.php index 95179f1b904..a26fed73b61 100644 --- a/includes/data-stores/class-wc-customer-download-data-store.php +++ b/includes/data-stores/class-wc-customer-download-data-store.php @@ -281,7 +281,8 @@ class WC_Customer_Download_Data_Store implements WC_Customer_Download_Data_Store global $wpdb; $args = wp_parse_args( - $args, array( + $args, + array( 'user_email' => '', 'user_id' => '', 'order_id' => '', @@ -345,7 +346,7 @@ class WC_Customer_Download_Data_Store implements WC_Customer_Download_Data_Store $query[] = $wpdb->prepare( 'LIMIT %d, %d', absint( $args['limit'] ) * absint( $args['page'] - 1 ), absint( $args['limit'] ) ); } - // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared $results = $wpdb->get_results( implode( ' ', $query ), $get_results_output ); switch ( $args['return'] ) { diff --git a/includes/data-stores/class-wc-data-store-wp.php b/includes/data-stores/class-wc-data-store-wp.php index 229d144a9b5..9ee29557f07 100644 --- a/includes/data-stores/class-wc-data-store-wp.php +++ b/includes/data-stores/class-wc-data-store-wp.php @@ -75,7 +75,7 @@ class WC_Data_Store_WP { $db_info = $this->get_db_info(); $raw_meta_data = $wpdb->get_results( $wpdb->prepare( - // phpcs:disable WordPress.WP.PreparedSQL.NotPrepared + // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared "SELECT {$db_info['meta_id_field']} as meta_id, meta_key, meta_value FROM {$db_info['table']} WHERE {$db_info['object_id_field']} = %d @@ -495,9 +495,12 @@ class WC_Data_Store_WP { protected function get_search_stopwords() { // Translators: This is a comma-separated list of very common words that should be excluded from a search, like a, an, and the. These are usually called "stopwords". You should not simply translate these individual words into your language. Instead, look for and provide commonly accepted stopwords in your language. $stopwords = array_map( - 'wc_strtolower', array_map( - 'trim', explode( - ',', _x( + 'wc_strtolower', + array_map( + 'trim', + explode( + ',', + _x( 'about,an,are,as,at,be,by,com,for,from,how,in,is,it,of,on,or,that,the,this,to,was,what,when,where,who,will,with,www', 'Comma-separated list of search stopwords in your language', 'woocommerce' diff --git a/includes/data-stores/class-wc-payment-token-data-store.php b/includes/data-stores/class-wc-payment-token-data-store.php index e6aee033c00..073e3711cb3 100644 --- a/includes/data-stores/class-wc-payment-token-data-store.php +++ b/includes/data-stores/class-wc-payment-token-data-store.php @@ -235,7 +235,8 @@ class WC_Payment_Token_Data_Store extends WC_Data_Store_WP implements WC_Payment public function get_tokens( $args ) { global $wpdb; $args = wp_parse_args( - $args, array( + $args, + array( 'token_id' => '', 'user_id' => '', 'gateway_id' => '', @@ -275,7 +276,7 @@ class WC_Payment_Token_Data_Store extends WC_Data_Store_WP implements WC_Payment $where[] = $wpdb->prepare( 'type = %s', $args['type'] ); } - // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared $token_results = $wpdb->get_results( $sql . ' WHERE ' . implode( ' AND ', $where ) . ' ' . $limits ); return $token_results; diff --git a/includes/data-stores/class-wc-product-data-store-cpt.php b/includes/data-stores/class-wc-product-data-store-cpt.php index 23d82e8c0c8..34dad6f3455 100644 --- a/includes/data-stores/class-wc-product-data-store-cpt.php +++ b/includes/data-stores/class-wc-product-data-store-cpt.php @@ -99,7 +99,8 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da $id = wp_insert_post( apply_filters( - 'woocommerce_new_product_data', array( + 'woocommerce_new_product_data', + array( 'post_type' => 'product', 'post_status' => $product->get_status() ? $product->get_status() : 'publish', 'post_author' => get_current_user_id(), @@ -114,7 +115,8 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da 'post_date_gmt' => gmdate( 'Y-m-d H:i:s', $product->get_date_created( 'edit' )->getTimestamp() ), 'post_name' => $product->get_slug( 'edit' ), ) - ), true + ), + true ); if ( $id && ! is_wp_error( $id ) ) { @@ -262,7 +264,8 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da $post_type = $product->is_type( 'variation' ) ? 'product_variation' : 'product'; $args = wp_parse_args( - $args, array( + $args, + array( 'force_delete' => false, ) ); @@ -429,7 +432,8 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da 'is_visible' => 0, 'is_variation' => 0, 'is_taxonomy' => 0, - ), (array) $meta_attribute_value + ), + (array) $meta_attribute_value ); // Check if is a taxonomy attribute. @@ -872,7 +876,7 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da } return $wpdb->get_results( - // phpcs:disable WordPress.WP.PreparedSQL.NotPrepared + // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared $wpdb->prepare( "SELECT post.ID as id, post.post_parent as parent_id FROM `$wpdb->posts` AS post LEFT JOIN `$wpdb->postmeta` AS meta ON post.ID = meta.post_id @@ -953,7 +957,8 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da AND $wpdb->postmeta.meta_key = '_sku' AND $wpdb->postmeta.meta_value = %s AND $wpdb->postmeta.post_id <> %d LIMIT 1", - wp_slash( $sku ), $product_id + wp_slash( $sku ), + $product_id ) ); } @@ -1150,7 +1155,7 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da $related_product_query = (array) apply_filters( 'woocommerce_product_related_posts_query', $this->get_related_products_query( $cats_array, $tags_array, $exclude_ids, $limit + 10 ), $product_id, $args ); - // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery, WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery, WordPress.DB.PreparedSQL.NotPrepared return $wpdb->get_col( implode( ' ', $related_product_query ) ); } @@ -1233,7 +1238,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = meta_value + %f WHERE post_id = %d AND meta_key='_stock'", $stock_quantity, $product_id_with_stock + "UPDATE {$wpdb->postmeta} SET meta_value = meta_value + %f WHERE post_id = %d AND meta_key='_stock'", + $stock_quantity, + $product_id_with_stock ) ); break; @@ -1241,7 +1248,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = meta_value - %f WHERE post_id = %d AND meta_key='_stock'", $stock_quantity, $product_id_with_stock + "UPDATE {$wpdb->postmeta} SET meta_value = meta_value - %f WHERE post_id = %d AND meta_key='_stock'", + $stock_quantity, + $product_id_with_stock ) ); break; @@ -1249,7 +1258,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = %f WHERE post_id = %d AND meta_key='_stock'", $stock_quantity, $product_id_with_stock + "UPDATE {$wpdb->postmeta} SET meta_value = %f WHERE post_id = %d AND meta_key='_stock'", + $stock_quantity, + $product_id_with_stock ) ); break; @@ -1278,7 +1289,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = meta_value + %f WHERE post_id = %d AND meta_key='total_sales'", $quantity, $product_id + "UPDATE {$wpdb->postmeta} SET meta_value = meta_value + %f WHERE post_id = %d AND meta_key='total_sales'", + $quantity, + $product_id ) ); break; @@ -1286,7 +1299,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = meta_value - %f WHERE post_id = %d AND meta_key='total_sales'", $quantity, $product_id + "UPDATE {$wpdb->postmeta} SET meta_value = meta_value - %f WHERE post_id = %d AND meta_key='total_sales'", + $quantity, + $product_id ) ); break; @@ -1294,7 +1309,9 @@ class WC_Product_Data_Store_CPT extends WC_Data_Store_WP implements WC_Object_Da // phpcs:ignore WordPress.VIP.DirectDatabaseQuery.DirectQuery $wpdb->query( $wpdb->prepare( - "UPDATE {$wpdb->postmeta} SET meta_value = %f WHERE post_id = %d AND meta_key='total_sales'", $quantity, $product_id + "UPDATE {$wpdb->postmeta} SET meta_value = %f WHERE post_id = %d AND meta_key='total_sales'", + $quantity, + $product_id ) ); break; diff --git a/includes/data-stores/class-wc-product-variable-data-store-cpt.php b/includes/data-stores/class-wc-product-variable-data-store-cpt.php index 91e19171492..08b486ec8e9 100644 --- a/includes/data-stores/class-wc-product-variable-data-store-cpt.php +++ b/includes/data-stores/class-wc-product-variable-data-store-cpt.php @@ -43,7 +43,8 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple 'is_visible' => 0, 'is_variation' => 0, 'is_taxonomy' => 0, - ), (array) $meta_attribute_value + ), + (array) $meta_attribute_value ); // Maintain data integrity. 4.9 changed sanitization functions - update the values here so variations function correctly. @@ -184,7 +185,8 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple $values = array_unique( $wpdb->get_col( $wpdb->prepare( - "SELECT meta_value FROM {$wpdb->postmeta} WHERE meta_key = %s AND post_id IN (" . implode( ',', array_map( 'absint', $child_ids ) ) . ')', // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + "SELECT meta_value FROM {$wpdb->postmeta} WHERE meta_key = %s AND post_id IN (" . implode( ',', array_map( 'absint', $child_ids ) ) . ')', wc_variation_attribute_name( $attribute['name'] ) ) ) @@ -286,38 +288,44 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple if ( $for_display ) { if ( 'incl' === get_option( 'woocommerce_tax_display_shop' ) ) { $price = '' === $price ? '' : wc_get_price_including_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $price, ) ); $regular_price = '' === $regular_price ? '' : wc_get_price_including_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $regular_price, ) ); $sale_price = '' === $sale_price ? '' : wc_get_price_including_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $sale_price, ) ); } else { $price = '' === $price ? '' : wc_get_price_excluding_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $price, ) ); $regular_price = '' === $regular_price ? '' : wc_get_price_excluding_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $regular_price, ) ); $sale_price = '' === $sale_price ? '' : wc_get_price_excluding_tax( - $variation, array( + $variation, + array( 'qty' => 1, 'price' => $sale_price, ) @@ -394,7 +402,7 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple public function child_has_weight( $product ) { global $wpdb; $children = $product->get_visible_children(); - return $children ? null !== $wpdb->get_var( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_weight' AND meta_value > 0 AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) : false; // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + return $children ? null !== $wpdb->get_var( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_weight' AND meta_value > 0 AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) : false; // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared } /** @@ -407,7 +415,7 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple public function child_has_dimensions( $product ) { global $wpdb; $children = $product->get_visible_children(); - return $children ? null !== $wpdb->get_var( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key IN ( '_length', '_width', '_height' ) AND meta_value > 0 AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) : false; // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + return $children ? null !== $wpdb->get_var( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key IN ( '_length', '_width', '_height' ) AND meta_value > 0 AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) : false; // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared } /** @@ -437,7 +445,8 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple if ( $children ) { $children_with_status = $wpdb->get_var( $wpdb->prepare( - "SELECT COUNT( post_id ) FROM $wpdb->postmeta WHERE meta_key = '_stock_status' AND meta_value = %s AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )', // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + "SELECT COUNT( post_id ) FROM $wpdb->postmeta WHERE meta_key = '_stock_status' AND meta_value = %s AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )', $status ) ); @@ -487,7 +496,7 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple if ( $product->get_manage_stock() ) { $status = $product->get_stock_status(); $children = $product->get_children(); - $managed_children = $children ? array_unique( $wpdb->get_col( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_manage_stock' AND meta_value != 'yes' AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) ) : array(); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + $managed_children = $children ? array_unique( $wpdb->get_col( "SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_manage_stock' AND meta_value != 'yes' AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) ) : array(); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared $changed = false; foreach ( $managed_children as $managed_child ) { if ( update_post_meta( $managed_child, '_stock_status', $status ) ) { @@ -512,7 +521,7 @@ class WC_Product_Variable_Data_Store_CPT extends WC_Product_Data_Store_CPT imple global $wpdb; $children = $product->get_visible_children(); - $prices = $children ? array_unique( $wpdb->get_col( "SELECT meta_value FROM $wpdb->postmeta WHERE meta_key = '_price' AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) ) : array(); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + $prices = $children ? array_unique( $wpdb->get_col( "SELECT meta_value FROM $wpdb->postmeta WHERE meta_key = '_price' AND post_id IN ( " . implode( ',', array_map( 'absint', $children ) ) . ' )' ) ) : array(); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared delete_post_meta( $product->get_id(), '_price' ); delete_post_meta( $product->get_id(), '_sale_price' ); diff --git a/includes/data-stores/class-wc-product-variation-data-store-cpt.php b/includes/data-stores/class-wc-product-variation-data-store-cpt.php index b209f4b485c..eb3a99a201b 100644 --- a/includes/data-stores/class-wc-product-variation-data-store-cpt.php +++ b/includes/data-stores/class-wc-product-variation-data-store-cpt.php @@ -113,7 +113,8 @@ class WC_Product_Variation_Data_Store_CPT extends WC_Product_Data_Store_CPT impl $id = wp_insert_post( apply_filters( - 'woocommerce_new_product_variation_data', array( + 'woocommerce_new_product_variation_data', + array( 'post_type' => 'product_variation', 'post_status' => $product->get_status() ? $product->get_status() : 'publish', 'post_author' => get_current_user_id(), @@ -127,7 +128,8 @@ class WC_Product_Variation_Data_Store_CPT extends WC_Product_Data_Store_CPT impl 'post_date_gmt' => gmdate( 'Y-m-d H:i:s', $product->get_date_created( 'edit' )->getTimestamp() ), 'post_name' => $product->get_slug( 'edit' ), ) - ), true + ), + true ); if ( $id && ! is_wp_error( $id ) ) { @@ -432,7 +434,8 @@ class WC_Product_Variation_Data_Store_CPT extends WC_Product_Data_Store_CPT impl // Remove old taxonomies attributes so data is kept up to date - first get attribute key names. $delete_attribute_keys = $wpdb->get_col( $wpdb->prepare( - "SELECT meta_key FROM {$wpdb->postmeta} WHERE meta_key LIKE %s AND meta_key NOT IN ( '" . implode( "','", array_map( 'esc_sql', $updated_attribute_keys ) ) . "' ) AND post_id = %d", // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared, WordPress.DB.PreparedSQLPlaceholders.QuotedDynamicPlaceholderGeneration + // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared, WordPress.DB.PreparedSQLPlaceholders.QuotedDynamicPlaceholderGeneration + "SELECT meta_key FROM {$wpdb->postmeta} WHERE meta_key LIKE %s AND meta_key NOT IN ( '" . implode( "','", array_map( 'esc_sql', $updated_attribute_keys ) ) . "' ) AND post_id = %d", $wpdb->esc_like( 'attribute_' ) . '%', $product->get_id() ) diff --git a/includes/data-stores/class-wc-shipping-zone-data-store.php b/includes/data-stores/class-wc-shipping-zone-data-store.php index c6b9f8e3e67..342db072a62 100644 --- a/includes/data-stores/class-wc-shipping-zone-data-store.php +++ b/includes/data-stores/class-wc-shipping-zone-data-store.php @@ -25,7 +25,8 @@ class WC_Shipping_Zone_Data_Store extends WC_Data_Store_WP implements WC_Shippin public function create( &$zone ) { global $wpdb; $wpdb->insert( - $wpdb->prefix . 'woocommerce_shipping_zones', array( + $wpdb->prefix . 'woocommerce_shipping_zones', + array( 'zone_name' => $zone->get_zone_name(), 'zone_order' => $zone->get_zone_order(), ) @@ -48,10 +49,12 @@ class WC_Shipping_Zone_Data_Store extends WC_Data_Store_WP implements WC_Shippin global $wpdb; if ( $zone->get_id() ) { $wpdb->update( - $wpdb->prefix . 'woocommerce_shipping_zones', array( + $wpdb->prefix . 'woocommerce_shipping_zones', + array( 'zone_name' => $zone->get_zone_name(), 'zone_order' => $zone->get_zone_order(), - ), array( 'zone_id' => $zone->get_id() ) + ), + array( 'zone_id' => $zone->get_id() ) ); } $zone->save_meta_data(); @@ -140,7 +143,7 @@ class WC_Shipping_Zone_Data_Store extends WC_Data_Store_WP implements WC_Shippin $raw_methods_sql = "SELECT method_id, method_order, instance_id, is_enabled FROM {$wpdb->prefix}woocommerce_shipping_zone_methods WHERE zone_id = %d"; } - return $wpdb->get_results( $wpdb->prepare( $raw_methods_sql, $zone_id ) ); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + return $wpdb->get_results( $wpdb->prepare( $raw_methods_sql, $zone_id ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared } /** @@ -245,7 +248,7 @@ class WC_Shipping_Zone_Data_Store extends WC_Data_Store_WP implements WC_Shippin return $wpdb->get_var( "SELECT zones.zone_id FROM {$wpdb->prefix}woocommerce_shipping_zones as zones LEFT OUTER JOIN {$wpdb->prefix}woocommerce_shipping_zone_locations as locations ON zones.zone_id = locations.zone_id AND location_type != 'postcode' - WHERE " . implode( ' ', $criteria ) // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + WHERE " . implode( ' ', $criteria ) // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared . ' ORDER BY zone_order ASC, zone_id ASC LIMIT 1' ); } @@ -317,7 +320,8 @@ class WC_Shipping_Zone_Data_Store extends WC_Data_Store_WP implements WC_Shippin foreach ( $zone->get_zone_locations( 'edit' ) as $location ) { $wpdb->insert( - $wpdb->prefix . 'woocommerce_shipping_zone_locations', array( + $wpdb->prefix . 'woocommerce_shipping_zone_locations', + array( 'zone_id' => $zone->get_id(), 'location_code' => $location->code, 'location_type' => $location->type, diff --git a/includes/wc-update-functions.php b/includes/wc-update-functions.php index 37cd676168a..82cb24789c1 100644 --- a/includes/wc-update-functions.php +++ b/includes/wc-update-functions.php @@ -317,7 +317,8 @@ function wc_update_200_line_items() { } $item_id = wc_add_order_item( - $order_tax_row->post_id, array( + $order_tax_row->post_id, + array( 'order_item_name' => $order_tax['label'], 'order_item_type' => 'tax', ) @@ -737,16 +738,16 @@ function wc_update_240_shipping_methods() { foreach ( $shipping_methods as $flat_rate_option_key => $shipping_method ) { // Stop this running more than once if routine is repeated. if ( version_compare( $shipping_method->get_option( 'version', 0 ), '2.4.0', '<' ) ) { - $has_classes = count( WC()->shipping->get_shipping_classes() ) > 0; - $cost_key = $has_classes ? 'no_class_cost' : 'cost'; - $min_fee = $shipping_method->get_option( 'minimum_fee' ); - $math_cost_strings = array( + $has_classes = count( WC()->shipping->get_shipping_classes() ) > 0; + $cost_key = $has_classes ? 'no_class_cost' : 'cost'; + $min_fee = $shipping_method->get_option( 'minimum_fee' ); + $math_cost_strings = array( 'cost' => array(), 'no_class_cost' => array(), ); $math_cost_strings[ $cost_key ][] = $shipping_method->get_option( 'cost' ); - $fee = $shipping_method->get_option( 'fee' ); + $fee = $shipping_method->get_option( 'fee' ); if ( $fee ) { $math_cost_strings[ $cost_key ][] = strstr( $fee, '%' ) ? '[fee percent="' . str_replace( '%', '', $fee ) . '" min="' . esc_attr( $min_fee ) . '"]' : $fee; @@ -1087,7 +1088,8 @@ function wc_update_260_zone_methods() { // Move data. foreach ( $old_methods as $old_method ) { $wpdb->insert( - $wpdb->prefix . 'woocommerce_shipping_zone_methods', array( + $wpdb->prefix . 'woocommerce_shipping_zone_methods', + array( 'zone_id' => $old_method->zone_id, 'method_id' => $old_method->shipping_method_type, 'method_order' => $old_method->shipping_method_order, @@ -1422,7 +1424,8 @@ function wc_update_320_mexican_states() { SET meta_value = %s WHERE meta_key IN ( '_billing_state', '_shipping_state' ) AND meta_value = %s", - $new, $old + $new, + $old ) ); $wpdb->update( @@ -1511,11 +1514,13 @@ function wc_update_330_webhooks() { 'pending' => 'disabled', ); - $posts = get_posts( array( - 'posts_per_page' => -1, - 'post_type' => 'shop_webhook', - 'post_status' => 'any', - ) ); + $posts = get_posts( + array( + 'posts_per_page' => -1, + 'post_type' => 'shop_webhook', + 'post_status' => 'any', + ) + ); foreach ( $posts as $post ) { $webhook = new WC_Webhook(); @@ -1544,19 +1549,22 @@ function wc_update_330_set_default_product_cat() { $default_category = get_option( 'default_product_cat', 0 ); if ( $default_category ) { - $result = $wpdb->query( $wpdb->prepare( " - INSERT INTO {$wpdb->term_relationships} (object_id, term_taxonomy_id) - SELECT DISTINCT posts.ID, %s FROM {$wpdb->posts} posts - LEFT JOIN - ( - SELECT object_id FROM {$wpdb->term_relationships} term_relationships - LEFT JOIN {$wpdb->term_taxonomy} term_taxonomy ON term_relationships.term_taxonomy_id = term_taxonomy.term_taxonomy_id - WHERE term_taxonomy.taxonomy = 'product_cat' - ) AS tax_query - ON posts.ID = tax_query.object_id - WHERE posts.post_type = 'product' - AND tax_query.object_id IS NULL - ", $default_category ) ); + $result = $wpdb->query( + $wpdb->prepare( + "INSERT INTO {$wpdb->term_relationships} (object_id, term_taxonomy_id) + SELECT DISTINCT posts.ID, %s FROM {$wpdb->posts} posts + LEFT JOIN + ( + SELECT object_id FROM {$wpdb->term_relationships} term_relationships + LEFT JOIN {$wpdb->term_taxonomy} term_taxonomy ON term_relationships.term_taxonomy_id = term_taxonomy.term_taxonomy_id + WHERE term_taxonomy.taxonomy = 'product_cat' + ) AS tax_query + ON posts.ID = tax_query.object_id + WHERE posts.post_type = 'product' + AND tax_query.object_id IS NULL", + $default_category + ) + ); wp_cache_flush(); delete_transient( 'wc_term_counts' ); wp_update_term_count_now( array( $default_category ), 'product_cat' ); @@ -1576,16 +1584,19 @@ function wc_update_330_product_stock_status() { $min_stock_amount = (int) get_option( 'woocommerce_notify_no_stock_amount', 0 ); // Get all products that have stock management enabled, stock less than or equal to min stock amount, and backorders enabled. - $post_ids = $wpdb->get_col( $wpdb->prepare( " - SELECT t1.post_id FROM $wpdb->postmeta t1 - INNER JOIN $wpdb->postmeta t2 - ON t1.post_id = t2.post_id - AND t1.meta_key = '_manage_stock' AND t1.meta_value = 'yes' - AND t2.meta_key = '_stock' AND t2.meta_value <= %d - INNER JOIN $wpdb->postmeta t3 - ON t2.post_id = t3.post_id - AND t3.meta_key = '_backorders' AND ( t3.meta_value = 'yes' OR t3.meta_value = 'notify' ) - ", $min_stock_amount ) ); // WPCS: db call ok, unprepared SQL ok, cache ok. + $post_ids = $wpdb->get_col( + $wpdb->prepare( + "SELECT t1.post_id FROM $wpdb->postmeta t1 + INNER JOIN $wpdb->postmeta t2 + ON t1.post_id = t2.post_id + AND t1.meta_key = '_manage_stock' AND t1.meta_value = 'yes' + AND t2.meta_key = '_stock' AND t2.meta_value <= %d + INNER JOIN $wpdb->postmeta t3 + ON t2.post_id = t3.post_id + AND t3.meta_key = '_backorders' AND ( t3.meta_value = 'yes' OR t3.meta_value = 'notify' )", + $min_stock_amount + ) + ); // WPCS: db call ok, unprepared SQL ok, cache ok. if ( empty( $post_ids ) ) { return; @@ -1594,11 +1605,11 @@ function wc_update_330_product_stock_status() { $post_ids = array_map( 'absint', $post_ids ); // Set the status to onbackorder for those products. - $wpdb->query( " - UPDATE $wpdb->postmeta + $wpdb->query( + "UPDATE $wpdb->postmeta SET meta_value = 'onbackorder' - WHERE meta_key = '_stock_status' AND post_id IN ( " . implode( ',', $post_ids ) . ' ) - ' ); // WPCS: db call ok, unprepared SQL ok, cache ok. + WHERE meta_key = '_stock_status' AND post_id IN ( " . implode( ',', $post_ids ) . ' )' + ); // WPCS: db call ok, unprepared SQL ok, cache ok. } /** @@ -1737,7 +1748,8 @@ function wc_update_340_state() { SET meta_value = %s WHERE meta_key IN ( '_billing_state', '_shipping_state' ) AND meta_value = %s", - $new, $old + $new, + $old ) ); $wpdb->update( @@ -1811,18 +1823,18 @@ function wc_update_340_db_version() { function wc_update_343_cleanup_foreign_keys() { global $wpdb; - $results = $wpdb->get_results( " - SELECT CONSTRAINT_NAME + $results = $wpdb->get_results( + "SELECT CONSTRAINT_NAME FROM information_schema.TABLE_CONSTRAINTS WHERE CONSTRAINT_SCHEMA = '{$wpdb->dbname}' AND CONSTRAINT_NAME LIKE '%wc_download_log_ib%' AND CONSTRAINT_TYPE = 'FOREIGN KEY' - AND TABLE_NAME = '{$wpdb->prefix}wc_download_log' - " ); + AND TABLE_NAME = '{$wpdb->prefix}wc_download_log'" + ); if ( $results ) { foreach ( $results as $fk ) { - $wpdb->query( "ALTER TABLE {$wpdb->prefix}wc_download_log DROP FOREIGN KEY {$fk->CONSTRAINT_NAME}" ); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared + $wpdb->query( "ALTER TABLE {$wpdb->prefix}wc_download_log DROP FOREIGN KEY {$fk->CONSTRAINT_NAME}" ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared } } } @@ -1880,14 +1892,14 @@ function wc_update_350_db_version() { */ function wc_update_352_drop_download_log_fk() { global $wpdb; - $results = $wpdb->get_results( " - SELECT CONSTRAINT_NAME + $results = $wpdb->get_results( + "SELECT CONSTRAINT_NAME FROM information_schema.TABLE_CONSTRAINTS WHERE CONSTRAINT_SCHEMA = '{$wpdb->dbname}' AND CONSTRAINT_NAME = 'fk_wc_download_log_permission_id' AND CONSTRAINT_TYPE = 'FOREIGN KEY' - AND TABLE_NAME = '{$wpdb->prefix}wc_download_log' - " ); + AND TABLE_NAME = '{$wpdb->prefix}wc_download_log'" + ); // We only need to drop the old key as WC_Install::create_tables() takes care of creating the new FK. if ( $results ) {