Hello Willem,
Not compatible with what?
mysql_real_escape_string() does the same as esc_sql() in a manner.
We have changed this out now though.
Thread Starter
wjroes
(@wjroes)
Wow, okay, didn’t see this one coming from a developer, but please see this http://make.wordpress.org/core/2014/04/07/mysql-in-wordpress-3-9/ (especially regarding use of PHP5.5), this http://php.net/mysql_real_escape_string and this http://php.net/manual/en/mysqli.overview.php regarding use of mysql versus mysqli
And finally, there is a reason WordPress uses abstraction functions for low(er) level PHP calls.
Thanks for creating this plugin nonetheless!
Thanks for your response.
We have just released version 1.4.2 with mysql_real_escape_string()
switched out with esc_sql()
accordingly.
Please update, let me know if it is okay and consider to give a better rating if you are happy with it. We work very hard to maintain this plugin and give it away for free and then we just get bad ratings for some reason.
Have you tried the new version with esc_sql()?
Thread Starter
wjroes
(@wjroes)
Hi Antonie,
Yes, I did and obviously it works fine now. I will rate the plugin once I have had the opportunity to use it a bit more. Thanks.
Just one more remark, please change the instructions to not say To hardcode into any PHP file of your WordPress theme, simply use <?php if (function_exists('slideshow')) { slideshow($output = true, $post_id = false, $gallery_id = false, $params = array()); } ?>
since people will just copy-and-paste this and it will not work.
Come to think of it, it might work, but it would be awful coding to do variable assignments in a function call.
Willem
Thank you for your response.
Yes, it will work with the variable assignment in the parameters of the function call. Either way, we will improve those instructions, thank you for the suggestion.
Enjoy the new version and let us know if you need assistance.