GC_Date_Query::validate_column()

最后更新于：2021-11-27 13:41:24

GC_Date_Query::validate_column( string$column)

Validates a column name parameter.

参数

$column: (string) (Required) The user-supplied column name.

响应

(string) A validated column name value.

源文件

文件: gc-includes/class-gc-date-query.php

	public function validate_column( $column ) {
		global $gcdb;

		$valid_columns = array(
			'post_date',
			'post_date_gmt',
			'post_modified',
			'post_modified_gmt',
			'comment_date',
			'comment_date_gmt',
			'user_registered',
			'registered',
			'last_updated',
		);

		// Attempt to detect a table prefix.
		if ( false === strpos( $column, '.' ) ) {
			/**
			 * Filters the list of valid date query columns.
			 *
			 * @since 3.7.0
			 * @since 4.1.0 Added 'user_registered' to the default recognized columns.
			 *
			 * @param string[] $valid_columns An array of valid date query columns. Defaults
			 *                                are 'post_date', 'post_date_gmt', 'post_modified',
			 *                                'post_modified_gmt', 'comment_date', 'comment_date_gmt',
			 *                                'user_registered'
			 */
			if ( ! in_array( $column, apply_filters( 'date_query_valid_columns', $valid_columns ), true ) ) {
				$column = 'post_date';
			}

			$known_columns = array(
				$gcdb->posts    => array(
					'post_date',
					'post_date_gmt',
					'post_modified',
					'post_modified_gmt',
				),
				$gcdb->comments => array(
					'comment_date',
					'comment_date_gmt',
				),
				$gcdb->users    => array(
					'user_registered',
				),
				$gcdb->blogs    => array(
					'registered',
					'last_updated',
				),
			);

			// If it's a known column name, add the appropriate table prefix.
			foreach ( $known_columns as $table_name => $table_columns ) {
				if ( in_array( $column, $table_columns, true ) ) {
					$column = $table_name . '.' . $column;
					break;
				}
			}
		}

		// Remove unsafe characters.
		return preg_replace( '/[^a-zA-Z0-9_$.]/', '', $column );
	}