Custom Search in WordPress adding random strings in brackets each side in query


Hi, I am trying to create a custom search/filter for LearnDash. I am displaying a custom grid of courses and we have enough courses now where we need to provide additional functionality to search them. Currently we want to provide a search function and filter by Course Tags. After some headaches, I think I have the filter by Course Tags working. However, the search bar is odd in that when I type something in and submit, it adds the keyword into the URL as normal, and even when outputting the query it has the keyword, but for some reason when it reaches the actual query, it adds a randomly generated string on each side of the word. For example, if searching manual it will have this: {c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}

The following is the code I have put into a custom search template file for courses. Towards the bottom is the form that is output onto the page.

<?php
// Get selected tags from the query string (unslash and sanitize each slug)
$selected_tags = isset($_GET['selected_tags']) ? array_map('sanitize_title', (array) wp_unslash($_GET['selected_tags'])) : array();

// Get the search query (unslash and sanitize before it reaches WP_Query or the form)
$search_query = isset($_GET['search_query']) ? sanitize_text_field(wp_unslash($_GET['search_query'])) : '';

// Get the current page number
$paged = (get_query_var('paged')) ? get_query_var('paged') : 1;

// Get the list of tags for your custom post type
$args = array(
    'post_type' => 'sfwd_courses', // Replace with your post type
    'taxonomy' => 'ld_course_tag',
    'hide_empty' => false,    // Show empty tags
);
$tags = get_terms($args);

// Prepare arguments for the custom query
$args = array(
    'post_type' => 'sfwd_courses', // Replace with your post type
    'tax_query' => array(
        array(
            'taxonomy' => 'ld_course_tag',
            'field'    => 'slug',
            'terms' => $selected_tags,
        )
    ),
    's' => $search_query, // Include the search query
    'paged' => $paged,    // Pagination parameter
);

// Run the custom query
$custom_query = new WP_Query($args);
?>

<form role="search" method="get" id="searchform block" class="search-form" action="<?php echo esc_url( home_url( '/' ) ); ?>" >
    <input type="search" name="search_query" value="<?php echo esc_attr($search_query); ?>" placeholder="Search">

    <?php foreach ($tags as $tag) : ?>
        <?php // Escape term data on output: slug in an attribute, name in HTML text ?>
        <input type="checkbox" name="selected_tags[]" value="<?php echo esc_attr($tag->slug); ?>" <?php checked(in_array($tag->slug, $selected_tags)); ?>> <?php echo esc_html($tag->name); ?><br>
    <?php endforeach; ?>
    <input type="hidden" name="post_type" value="sfwd-courses" />
    <button class="button" type="submit" id="searchsubmit">
        <i class="fal fa-search"></i>
    </button>
</form>

Here is the entire query

SELECT SQL_CALC_FOUND_ROWS  wp_posts.ID
                    FROM wp_posts 
                    WHERE 1=1  AND ( 
  0 = 1
) AND (((wp_posts.post_title LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}') OR (wp_posts.post_excerpt LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}') OR (wp_posts.post_content LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}')))  AND ((wp_posts.post_type = 'sfwd-courses' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'graded' OR wp_posts.post_status = 'not_graded' OR wp_posts.post_status = 'rejected' 
OR wp_posts.post_status = 'private')))
                    GROUP BY wp_posts.ID
                    ORDER BY wp_posts.post_title LIKE '{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}manual{c4865aad7be148c64df6edddbe4e4f260e0c3da5955a4953e455ecab5cd1575d}' DESC, wpft_posts.post_date DESC
                    LIMIT 0, 12

Would anyone know why this text is getting added? Do I need to run it through a function or something?


There are 1 best solutions below

O. Jones On

This is a token added by WordPress's anti-SQL-injection code to handle the wildcard % and _ characters it uses for doing LIKE '%yourSearchTerm%'.

It looks bizarre, but it gets removed before actually using the database.
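
The mechanism the answer describes, as an added example that is not part of the original answer and is not WordPress source code: a simplified stand-alone model of masking `%` with a per-request token and restoring it just before the query is sent. The class name, method names and sample search terms are hypothetical.

```php
<?php
// Simplified stand-alone model of the wpdb placeholder escape (added example,
// not WordPress source). Class and method names are hypothetical.
final class PlaceholderEscapeModel
{
    private string $placeholder;

    public function __construct()
    {
        // One random token per request; unguessable, so input cannot forge it.
        $this->placeholder = '{' . hash('sha256', random_bytes(32)) . '}';
    }

    // Escape LIKE wildcards typed by the user so they match literally.
    public function escLike(string $term): string
    {
        return addcslashes($term, '_%\\');
    }

    // Build the LIKE clause, then mask every literal % with the token so a
    // later sprintf-style pass cannot read it as a format specifier.
    public function prepareLike(string $column, string $term): string
    {
        $pattern = '%' . $this->escLike($term) . '%';
        $quoted  = "'" . str_replace("'", "''", $pattern) . "'"; // toy quoting, model only
        return $column . ' LIKE ' . str_replace('%', $this->placeholder, $quoted);
    }

    // Run immediately before the query is sent: restore the real % characters.
    public function removePlaceholderEscape(string $sql): string
    {
        return str_replace($this->placeholder, '%', $sql);
    }
}

$db = new PlaceholderEscapeModel();
foreach (['manual', '100% online'] as $term) { // constructed sample search terms
    $masked = $db->prepareLike('post_title', $term);
    // A second formatting pass is safe: no bare % is left in the fragment.
    $sql = sprintf("SELECT ID FROM wp_posts WHERE $masked LIMIT %d", 12);
    echo "logged: $sql\n";
    echo "sent:   " . $db->removePlaceholderEscape($sql) . "\n\n";
}
```

In WordPress itself, `$wpdb->remove_placeholder_escape( $custom_query->request )` returns the readable form of a query string that still contains the token.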