I’m running wpmu on heroku using a postgres extension. It works great, but I have a plugin that needs to get the userId based on the e-mail-adress. This is how it does it:
$sql = 'SELECT id FROM ' . $wpdb->users . ' WHERE user_email='' . addslashes($from) . "' LIMIT 1;";
$user_ID = $wpdb->get_var($sql);
$wpdb->get_var($sql) returns nothing. I’m trying to figure out why.
The plugin should use the API, not some made-up SQL.
addslashes()is not safe enough anyway.Besides that, the user tables are almost the same, there are just some tighter restrictions for user names in multi-site, because new sub domains could be made from the names.