Articles of prepare statement

How to prevent $wpdb->prepare stripping a leading zero in variable value?

I have a simple database_read function and per accident I noticed order_id’s starting with a leading zero would not give me the expected results. It turns out using $wpdb->prepare strips out leading zero’s. How can i prevent this and still use the prepare method? Here’s the function: function database_read($order_id) { // $order_id = intval($order_id);//this will […]

Use wpdb->prepare for `order by` column name

In my current plugin, I am picking up the order by column as user input. So I thought of using wpdb->prepare to escape it. $wpdb->get_results($wpdb->prepare(“Select id from $wpdb->posts order by %s %s”, $order_by_col, $order_by); This is not working because it gets turned into select id from wp_posts order by ‘post_date’ ‘asc’ (Note the quotes) So […]

How to use IN array properly in WordPress?

I have an array containting these values (including the apostrohpes): ‘course_3202′,’course_3201′,’course_3200′,’course_3199’ I try to fetch results from these values in postmeta-table. SELECT * FROM wp_postmeta WHERE meta_key IN (%s) and meta_value=1 I get no result (yes, there is data and I should get results) RESULT = Array ( ) My code looks like this: function […]

Warning Notice $wpdb->prepare incorrect number of arguments passed

I am receiving this notice when trying to use the $wpdb->prepare function: Notice: wpdb::prepare was called incorrectly. The query does not contain the correct number of placeholders (7) for the number of arguments passed (4). Please see Debugging in WordPress for more information. (This message was added in version 4.8.3.) in C:\wamp\www\wpml\wp-includes\functions.php on line 4139 […]

wpdb::prepare() isn't working

Here’s my code: global $wpdb; $table_name = $wpdb->prefix . ‘product_codes’; // Check if codes exist $query = $wpdb->prepare( “SELECT * FROM %s”, $table_name ); $existing_data = $wpdb->get_results( $query ); // Returns empty array despite data existing print ‘<pre>’; print_r( $existing_data ); print ‘</pre>’; If I enter the table name literally, it works. If I print […]

wpdb->prepare function remove single quote for %s in SQL statment

I am using the below wpdb->prepare function in a sql statement. I am passing in several variables some field names and some values. When I try to use the %s for the field name it puts single quotes around it. How can I prevent the single quotes around the field name? The sql statement will […]

wpdb prepare: passing varible number of fields as second argument

As i want to manage the NULL fields in my db and wordpress functions doesn’t allow to do so, i will need to dynamically generate a query depending on the situation. The problem is that i don’t know how to pass a variable number of fields as second argument! this is what i’ve been tr […]

Can't pass table to $wpdb->prepare

I’m having trouble passing a table variable to $wpdb->prepare(); Here is functioning code: $table = $wpdb->get_blog_prefix( $blog_id ) . ‘my_table’; $voters = $wpdb->get_row($wpdb->prepare(“SELECT * FROM $table WHERE user_id= %d AND post_id = %d;”, $user_ID, $post->ID )); This works great. However I think I should also be including my table in the prepare statement. But, it […]

Is $wpdb->prepare escaping to much? How to use it properly?

Im pretty much confused by $wpdb->prepare. I want to use it to sanitize user input but it turned out that it destroys the query. I cannot imagine that this is how it’s intended to work but I can’t find out what I’m doing wrong. Please be so patient and point me to the solution. The […]

$wpdb->prepare not working with update table prefix

The following does not work with my custom table: $wpdb->prepare(“UPDATE $wpdb->jch_gigs SET available = available – %d WHERE ID = %d”, $quantity, $item) ); But this does: $wpdb->prepare( “UPDATE jch_gigs SET available = available – %d WHERE ID = %d”, $quantity, $item) ); What am I doing wrong?