[wp-trac] [WordPress Trac] #3861: need a standardized way to include private posts in queries

WordPress Trac wp-trac at lists.automattic.com
Sat Feb 24 06:15:36 GMT 2007 

#3861: need a standardized way to include private posts in queries
---------------------------+------------------------------------------------
 Reporter:  molecularbear  |       Owner:  anonymous
     Type:  task           |      Status:  new      
 Priority:  normal         |   Milestone:  2.1.2    
Component:  General        |     Version:  2.1.1    
 Severity:  normal         |    Keywords:           
---------------------------+------------------------------------------------
 The codebase is currently littered with ad hoc queries that perform
 various selections on wp_posts. This makes the code very difficult to
 maintain - case in point is the inclusion of "post_status = 'private'"
 when appropriate. The idea is that a user who has 'read_private_posts'
 should always see private posts; such a user should also see stats (i.e.
 post count) that include private posts. To make this possible, one would
 need to modify quite a few queries scattererd about the code.

 While the ideal solution is to do a massive code cleanup, centralizing all
 the queries in a few classes, I have a less tedious solution. Attached is
 a patch to wp-includes/post.php that adds a single function:
 wp_get_pub_and_priv_sql($post_type). I'll let the comment block do the
 describing:

 {{{
  * This function provides a standardized way to appropriately select on
  * the post_status of posts/pages. The function will return a piece of
  * SQL code that can be added to a WHERE clause; this SQL is constructed
  * to allow all published posts, and all private posts to which the user
  * has access.
  * @param string $post_type currently only supports 'post' or 'page'.
  * @return string SQL code that can be added to a where clause.
 }}}

 Instead of dropping in a bunch of code to every query that needs it, one
 would do something like:

 {{{$query = "SELECT * FROM wp_posts WHERE <conds> AND " .
 wp_get_pub_and_priv_sql('post');}}}

 This makes the code easier to write, takes some of the public-vs-private
 burden off of the programmer, and most importantly, centralizes the logic.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3861>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list