wpdb

问题 I have a hard time figuring out if I should be using $wpdb->prepare on my database queries in WordPress to prevent things such as SQL injection. The $wpdb Codex shows some examples using the $wpdb->prepare function, and other examples not using it. Also, in this answer on StackOverflow, someone mentioned that a function such as $wpdb->insert has the same level of safety as using $wpdb->prepare . But what about other $wpdb functions such as $wpdb->get_var or $wpdb->query ? When should I use

问题 I have a perfectly working wpdb prepare statement before Wordpress 3.5. This is my line: $post_id = $wpdb->get_var($wpdb->prepare( "SELECT a.post_id FROM $metatable AS a JOIN $metatable AS b ON a.post_id = b.post_id WHERE a.meta_value = '$valuex1' AND b.meta_value = '$valuex2'")); Now with Wordpress 3.5, this returns a warning since this is not fully sanitized. I have modified this to use placeholders as advised by Wordpress: $post_id = $wpdb->get_var($wpdb->prepare("SELECT a.post_id FROM

问题 I have been delving into the world of Javascript and AJAX. I am super close, but for some reason I do not think I am hooking into wordpress ajax functions right. I have poured through the docs and this and think it is 99% there. Is what this app does is there is a list of items. Each one with a + button. Clicking the button pops up a confirm box, and if confirmed grabs the needed data to pass to the php. The php adds the item into mysql with wpdb->insert. It also does some changes if you buy.

问题 I have been delving into the world of Javascript and AJAX. I am super close, but for some reason I do not think I am hooking into wordpress ajax functions right. I have poured through the docs and this and think it is 99% there. Is what this app does is there is a list of items. Each one with a + button. Clicking the button pops up a confirm box, and if confirmed grabs the needed data to pass to the php. The php adds the item into mysql with wpdb->insert. It also does some changes if you buy.

问题 My code is correct (I've been programming for 13 years), but for some reason when I use a variable in a SELECT query in the WHERE clause, I get no result. If I hardcode it, it works. How could this be? Blowing my mind... $track = $wpdb->get_row($wpdb->prepare("SELECT tracking_id, order_id, outbound_tracking_number, return_tracking_numbers FROM wp_woocommerce_trackingnumbers WHERE order_id = %s", $o_id)); Thanks! 回答1: I think it should be ( %s should be %d ) $track = $wpdb->get_row($wpdb-

问题 I am unfamiliar with AJAX and am having a difficult time trying to learn it for what I need. I need to write ajax calls within a foreach loop. if i just use PHP calls they will all fire even if i don't use the onclick event. What im basically doing is writing out a list from the DB and adding a remove button to the row. when the remove link is clicked, it will fire a query to update a field in the DB for item. My index.php file <?php foreach ($items as $item) : ?> <tr> <td><?php echo $item[

问题 I am working on a paypal IPN handler that gets an IPN then sends an e-mail. Right now I am testing it trying to access the 'paid' column of my database to make sure the transaction has not already previously been processed. However $wpdb doesn't seem to be returning things correctly. I was able to use $wpdb on another form to insert things into the database but I am having trouble getting it back out. I have tried get_var, get_row, and get_results and tried to access them as objects, arrays,

问题 I am working in WordPress plugin. I create a custom form where user add values and then click on submit button. When user click on submit button its redirect to custom process file, where i write queries for inserting and updating data. I my process.php file, first i call global $wpdb , but my insert and update queries not working so i found a solution from net to require config.php file in my process file. require_once( str_replace('//', '/', dirname(__FILE__) . '/') . '../../../wp-config

问题 I can't update with wpdb->update here is my code : $tweet = $_POST['tweet']; $id = $_POST['id']; $wpdb->update( $table_name, array('id' => $id , 'tweet' => $tweet ), array( 'id' => $id ),array("%d","%s"), array("%d") ); Nothing wrong i think , but i can't update thanks advanced 回答1: $data_update = array('title' => $title ,'parent_id' => $parent_id); $data_where = array('id' => $id); $wpdb->update($table_name , $data_update, $data_where); Simple & working ;) 来源： https://stackoverflow.com

问题 I have a problem in creating advanced search with custom query and using $wpdb->get_results($query , OBJECT); In Normal search in wordpress when we search xxx yyyy or search yyyy xxx we have same results and it's good. But when I am forced to use query to create an advanced search then sequence of words in search fields are important and further xxx yyyy or search yyyy xxx aren't same result. I want to say with an example: I create two input field one for Title and another for Author of my