diff --git a/output/gigpress_related.php b/output/gigpress_related.php index 0025f32..39da18b 100644 --- a/output/gigpress_related.php +++ b/output/gigpress_related.php @@ -1,26 +1,32 @@ 'all', - 'sort' => 'asc' - ), $args)); + 'sort' => 'asc', + ]; + $arguments = shortcode_atts( $default_args, $args ); + + $sort = strtolower( sanitize_key( $arguments['sort'] ) ); + if ( ! in_array( $sort, [ 'asc', 'desc' ] ) ) { + $sort = 'asc'; + } $sort = gigpress_sanitize_sort($sort, $default = 'asc'); // Date conditionals based on scope - switch($scope) { + switch ( $arguments['scope'] ) { case 'upcoming': $date_condition = ">= '" . GIGPRESS_NOW . "'"; break; 
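Review bot: The sort value is now validated twice, because the added `sanitize_key()`/`in_array()` allowlist is followed directly by the untouched `gigpress_sanitize_sort($sort, $default = 'asc')` call. Two separate code paths therefore decide what reaches the ORDER BY clause later in the function, so keep one as the single source of truth. If the inline check stays, make it strict: `if ( ! in_array( $sort, [ 'asc', 'desc' ], true ) ) {`. `sanitize_key()` already lowercases its input, so the `strtolower()` wrapper is redundant. The opening of the function is not fully visible in this hunk, so confirm nothing else depended on variables the removed `extract()` used to create.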
@@ -31,26 +37,45 @@ function gigpress_show_related($args = array(), $content = '') { $date_condition = "IS NOT NULL"; } + $artists_table = GIGPRESS_ARTISTS; + $venues_table = GIGPRESS_VENUES; + $shows_table = GIGPRESS_SHOWS; + $tours_table = GIGPRESS_TOURS; + $shows = $wpdb->get_results( - $wpdb->prepare("SELECT * FROM " . GIGPRESS_ARTISTS . " AS a, " . GIGPRESS_VENUES . " as v, " . GIGPRESS_SHOWS ." AS s LEFT JOIN " . GIGPRESS_TOURS . " AS t ON s.show_tour_id = t.tour_id WHERE show_related = %d AND show_expire " . $date_condition . " AND show_status != 'deleted' AND s.show_artist_id = a.artist_id AND s.show_venue_id = v.venue_id ORDER BY show_date " . $sort . ",show_expire " . $sort . ",show_time " . $sort, $post->ID) + $wpdb->prepare( + " + SELECT * + FROM {$artists_table} AS a, + {$venues_table} as v, + {$shows_table} AS s + LEFT JOIN {$tours_table} AS t + ON s.show_tour_id = t.tour_id + WHERE show_related = %d + AND show_expire {$date_condition} + AND show_status != 'deleted' + AND s.show_artist_id = a.artist_id + AND s.show_venue_id = v.venue_id + ORDER BY show_date {$sort}, show_expire {$sort}, show_time {$sort}", + $post->ID + ) ); - if($shows != FALSE) { + if ( $shows != false ) { - $shows_markup = array(); + $shows_markup = []; ob_start(); - $count = 1; - $total_shows = count($shows); - foreach ($shows as $show) { - $showdata = gigpress_prepare($show, 'related'); - include gigpress_template('related'); - if($gpo['output_schema_json'] == 'y') - { - $show_markup = gigpress_json_ld($showdata); - array_push($shows_markup,$show_markup); + $count = 1; + $total_shows = count( $shows ); + foreach ( $shows as $show ) { + $showdata = gigpress_prepare( $show, 'related' ); + include gigpress_template( 'related' ); + if ( $gpo['output_schema_json'] == 'y' ) { + $show_markup = gigpress_json_ld( $showdata ); + array_push( $shows_markup, $show_markup ); } - $count++; + $count ++; } $giginfo = ob_get_clean(); 
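Review bot: `{$date_condition}` and `{$sort}` are interpolated into the string passed to `$wpdb->prepare()`, so only `show_related = %d` is actually bound as a parameter. The query is safe only because both values are restricted to fixed strings earlier in gigpress_show_related(), outside this hunk. Make that guarantee local by deriving the keyword from a literal just before the query, `$order = ( 'desc' === $sort ) ? 'DESC' : 'ASC';`, and interpolating `{$order}` in the ORDER BY. Add a comment above the call such as `// $date_condition and $order come from fixed strings only; never route shortcode input here unescaped.` Separately, `$post->ID` is read without a visible check that `$post` is set; presumably the global is declared above the hunk, but a shortcode rendered outside a post context would bind an empty ID.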
@@ -61,17 +86,13 @@ function gigpress_show_related($args = array(), $content = '') { $output = $content . $giginfo; } - if(!empty($shows_markup)) - { + if ( ! empty( $shows_markup ) ) { $output .= ''; } diff --git a/readme.txt b/readme.txt index fc2fad1..35f0ae2 100644 --- a/readme.txt +++ b/readme.txt @@ -36,13 +36,13 @@ If you want to go beyond GigPress, we also have other plugins that could work gr == Changelog == -= 2.3.29 [2023-02-25] = += 2.3.29 [2023-04-27] = -* Tweak - Improving safety for all shortcode parameters +* Tweak - Resolve a problematic usage of the shortcodes params improving the safety of the plugin. = 2.3.28 [2022-12-27] = -* Tweak - Resolve a problematic usaged of the shortcode `[gigpress_menu]` improving the safety of the plugin. +* Tweak - Resolve a problematic usage of the shortcode `[gigpress_menu]` improving the safety of the plugin. = 2.3.27 [2021-12-03] =