Hi David,
After upgrading Wordpress from 4.9.1 to 4.9.2 tonight the shortcode for pto_featured (PTO version 2.0) stopped working, nothing is displayed. pto_search still works fine and produces results. On the standalone HTML site all featured products are shown.
I enabled Wordpress debug and got these warnings (I put them all in just to be sure, pardon my Dutch):
{code saved}
Do you have any idea if and why it's the WP upgrade that causes the denial? I have turned off each plugin one by one but it doesn't make a difference.
Hope you can help!
kind regards, Marlies
David,
You always manage to brighten my day :-)
Cheers,
Marlies
Hello Marlies,
In version 2 of the plugin there were two instances of calls to mysql_real_escape_string that should have been converted to the $wpdb->escape() call (consistent with the rest of version 2, version 3 uses esc_sql). To fix this for your installation, edit pto_featured.php and look for the following code beginning at line 56:
$sqlNames[] = "'".mysql_real_escape_string($row->name)."'";$sqlCase .= " WHEN '".mysql_real_escape_string($row->name)."' THEN ".$row->sequence;
...and REPLACE with:
$sqlNames[] = "'".$wpdb->escape($row->name)."'";$sqlCase .= " WHEN '".$wpdb->escape($row->name)."' THEN ".$row->sequence;
Cheers,
David.
--
PriceTapestry.com