您好,我正在尝试为 Learndash 创建自定义搜索/过滤器。我正在显示一个自定义的课程网格,我们现在有足够的课程,我们需要提供额外的功能来搜索它们。 目前我们希望提供搜索功能并按课程标签进行过滤。 经过一些头痛之后,我想我已经按课程标签过滤了。然而,搜索栏很奇怪,因为当我输入内容并提交时,它会像平常一样将关键字添加到 URL 中,甚至在输出查询时它也有关键字,但由于某种原因,当它到达实际查询时,它会随机添加一个生成单词每一侧的字符串,例如如果搜索manual,它将有这个 {c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}手册{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}
以下是我放入课程的自定义搜索模板文件中的代码。底部是输出到页面上的表单。
<?php
// Get selected tags from the query string
$selected_tags = isset($_GET['selected_tags']) ? $_GET['selected_tags'] : array();
// Get the search query
// $search_query = isset($_GET['search_query']) ? sanitize_text_field($_GET['search_query']) : '';
$search_query = isset($_GET['search_query']) ? $_GET['search_query'] : '';
// Get the current page number
$paged = (get_query_var('paged')) ? get_query_var('paged') : 1;
// Get the list of tags for your custom post type
$args = array(
'post_type' => 'sfwd_courses', // Replace with your post type
'taxonomy' => 'ld_course_tag',
'hide_empty' => false, // Show empty tags
);
$tags = get_terms($args);
// Prepare arguments for the custom query
$args = array(
'post_type' => 'sfwd_courses', // Replace with your post type
'tax_query' => array(
array(
'taxonomy' => 'ld_course_tag',
'field' => 'slug',
'terms' => $selected_tags,
)
),
's' => $search_query, // Include the search query
'paged' => $paged, // Pagination parameter
);
// Run the custom query
$custom_query = new WP_Query($args);
?>
<form role="search" method="get" id="searchform block" class="search-form" action="<?php echo esc_url( home_url( '/' ) ); ?>" >
<input type="search" name="search_query" value="<?php echo esc_attr($search_query); ?>" placeholder="Search">
<?php foreach ($tags as $tag) : ?>
<input type="checkbox" name="selected_tags[]" value="<?php echo $tag->slug; ?>" <?php checked(in_array($tag->slug, $selected_tags)); ?>> <?php echo $tag->name; ?><br>
<?php endforeach; ?>
<input type="hidden" name="post_type" value="sfwd-courses" />
<button class="button" type="submit" id="searchsubmit">
<i class="fal fa-search"></i>
</button>
</form>
这是整个查询
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1 AND (
0 = 1
) AND (((wp_posts.post_title LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}') OR (wp_posts.post_excerpt LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}') OR (wp_posts.post_content LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}'))) AND ((wp_posts.post_type = 'sfwd-courses' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'graded' OR wp_posts.post_status = 'not_graded' OR wp_posts.post_status = 'rejected'
OR wp_posts.post_status = 'private')))
GROUP BY wp_posts.ID
ORDER BY wp_posts.post_title LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}' DESC, wpft_posts.post_date DESC
LIMIT 0, 12
有人知道为什么要添加此文本吗?我需要通过函数或其他东西来运行它吗?
这是 WordPress 的反 SQL 注入代码添加的令牌,用于处理用于执行
%
操作的通配符 _
和 LIKE '%yourSearchTerm%'
字符。
它看起来很奇怪,但在实际使用数据库之前它就被删除了。