代替$search = like_escape($_REQUEST[\'q\']);
具有
$search = $wpdb->esc_like( $_REQUEST[\'q\'] );
(注:假设
$_REQUEST
具有标准WP magic\\u quotes\\u gpc转义。)
作为参考,下面是我在“functions.php”中输入的确切代码:
add_action(\'wp_enqueue_scripts\', \'se_wp_enqueue_scripts\');
function se_wp_enqueue_scripts() {
wp_enqueue_script(\'suggest\');
}
add_action(\'wp_footer\', \'se_wp_head\');
function se_wp_head() {
?>
Search: <input id="se_search_element_id" type="text">
<script type="text/javascript">
var se_ajax_url = \'<?php echo admin_url(\'admin-ajax.php\'); ?>\';
jQuery(document).ready(function() {
jQuery(\'#se_search_element_id\').suggest(se_ajax_url + \'?action=se_lookup\', {minchars:1});
});
</script>
<?php
}
add_action(\'wp_ajax_se_lookup\', \'se_lookup\');
add_action(\'wp_ajax_nopriv_se_lookup\', \'se_lookup\');
function se_lookup() {
global $wpdb;
$search = $wpdb->esc_like($_REQUEST[\'q\']);
$query = \'SELECT ID,post_title FROM \' . $wpdb->posts . \'
WHERE post_title LIKE \\\'\' . $search . \'%\\\'
AND post_type = \\\'post\\\'
AND post_status = \\\'publish\\\'
ORDER BY post_title ASC\';
$rows = $wpdb->get_results($query);
foreach ($rows as $row) {
$post_title = $row->post_title;
$id = $row->ID;
echo $post_title, "\\n";
}
wp_die();
}
注意,建议框只是一个列表,因此需要一些样式。。。