更新了问题。经过一次愚蠢的反复试验,我想出了如何处理GET标签数组,我的解决方案,包括post_type和自定义分类法,对于正在寻找解决方案的其他人来说也是如此。是否有任何改进建议,更重要的是,我是否遗漏了一些可能导致XSS /注射攻击的消毒?我使用esc_attr来输入一些数值并转义一些属性,而resst类型依赖于更高级别的wordpress函数,但我想确定。
此外,根据这里的一般方法,有一种更好的方法可以发送一个内爆的字符串,而不是数组var [] = value& var [] = value2& var [] = value3 ..形式?在搜索大量标签等时,它有助于保持网址的健全性。
表格
<form method="get" action="<?php bloginfo('url'); ?>">
<fieldset>
<!-- KEYWORD -->
<input type="text" name="s" value="<?php echo (is_search()) ? the_search_query() : '' ?>" placeholder="search…" maxlength="50" />
<!-- POST TYPES -->
<?php
// set post types that I want to expose
$post_types = array ("fotograf","yazi","afis","video","ses");
// get queried post types (see functions.php, this never defaults to 'any')
$query_types = get_query_var('post_type');
// print checkbox per post type, always part of the query per functions.php, so I skipped isqueried
foreach ($post_types as $post_type): ?>
<input type="checkbox" name="post_type[]" value="<?php echo $post_type ?>" <?php checked( in_array( $post_type, $query_types ) );?> /><label><?php echo $post_type ?></label>
<?php endforeach; ?>
<!-- TAGS -->
<?php
// generate list of tags
$tags = get_tags();
// get queried tags (see functions.php, I choose to use 'tag_slug__in', but you could probably explode the comma separated 'tag' string)
$query_tags = get_query_var('tag_slug__in');
// check if any tags are in the GET (for creating checked checkboxes below)
$isqueried = isset($_GET['tags']);
// print checkbox per tag, pre-checked if part of the query, I defaulted to not checking any if the search implicitly covers all tags, since it would be a bother to uncheck them
foreach ($tags as $tag): ?>
<input type="checkbox" name="tags[]" value="<?php echo $tag->slug ?>" <?php if ($isqueried){ checked( in_array( $tag->slug , $query_tags ) ); } ?> /><label><?php echo $tag->slug ?></label>
<?php endforeach; ?>
<!-- DATE -->
<?php $isqueried = isset($_GET['after']); ?>
<input type="number" name="after" value="<?php echo ($isqueried) ? esc_attr($_GET['after']) : '' ?>" maxlength="4" />
<?php $isqueried = isset($_GET['before']); ?>
<input type="number" name="before" value="<?php echo ($isqueried) ? esc_attr($_GET['before']) : '' ?>" maxlength="4" />
<!-- CITIES -->
<?php
// generate list of terms
$cities = get_terms('sehir');
// explode queried terms into array, alternately could check if part of string below
$query_cities = explode(',' , get_query_var('sehir'));
// check if the term was queried
$isqueried = isset($_GET['city']);
// print checkbox per tag, pre-checked if part of the query, I defaulted to not checking any if the search implicitly covers all tags, since it would be a bother to uncheck them
foreach ($cities as $city): ?>
<input type="checkbox" name="city[]" value="<?php echo $city->slug ?>" <?php if ($isqueried){ checked( in_array( $city->slug , $query_cities ) ); } ?> /><label><?php echo $city->name ?></label>
<?php endforeach; ?>
<button type="submit">Search</button>
</fieldset>
</form>
的functions.php
function filter_search_query($query) {
if($query->is_search()) {
// get original meta query
$meta_query = $query->get('meta_query');
if (!empty($_GET['after']))
{
$after = intval($_GET['after']);
//Add our meta query to the original meta queries
$meta_query[] = array(
'key' => 'tarih',
'value' => $after,
'compare' => '>=',
);
}
if (!empty($_GET['before']))
{
$before = intval($_GET['before']);
//Add our meta query to the original meta queries
$meta_query[] = array(
'key' => 'tarih',
'value' => $before,
'compare' => '<=',
);
}
// update the meta query args
$query->set('meta_query', $meta_query);
// if the user GETed any tags, set that array to tag_slug__in ( you could explode the array to comma separated string and pass it by tag too I think)
if (isset($_GET['tags']) && is_array($_GET['tags'])) {
$tags = explode ('_', sanitize_key( implode('_', $_GET['tags']) ));
$query->set('tag_slug__in', $tags);
}
// if the user GETed any cities, set that array to compare with taxonomy('sehir') ( you could explode the array to comma separated string and pass it by tag too I think)
if (isset($_GET['city']) && is_array($_GET['city'])) {
$query_cities = sanitize_key( implode(',' , $_GET['city']) );
$query->set( 'sehir', $query_cities );
}
// limit to these post types if not declared in GET
if (!isset($_GET['post_type'])) {
$default_post_types = array ("fotograf","yazi","afis","video","ses");
$query->set('post_type', $default_post_types);
}
return $query;
}
}
add_action('pre_get_posts', 'filter_search_query', 1000);