WordPress.org

Ready to get started?Download WordPress

Forums

Secure Invites
Missing argument 2 for wpdb (9 posts)

  1. hippypink
    Member
    Posted 1 year ago #

    Warning: Missing argument 2 for wpdb::prepare(), called in /home/public_html/EXAMPLE.COM/wp-content/plugins/wordpress-mu-secure-invites/secure_invite.php on line 1590 and defined in /home/public_html/EXAMPLE.COM/wp-includes/wp-db.php on line 990

    http://wordpress.org/extend/plugins/wordpress-mu-secure-invites/

  2. hippypink
    Member
    Posted 1 year ago #

    Running latest version of WordPress, and no plugins.

  3. adrian.dakota
    Member
    Posted 1 year ago #

    It's to do with some changes on calling the prepare() function in WordPress 3.5.

    I had to go into the source code of the plugin and change some things around in order to make it work properly. I can't remember the exact changes, but it was basically finding all the instances of the prepare() function and making sure that %d came before %s in the code.

    Hope that helped!

  4. maximinime
    Member
    Posted 1 year ago #

    It's to do with incorrect use of the prepare() method.

    The whole point of it is for WordPress to do the escaping of parameters for you, but many plugin authors still write queries where prepare is either not needed (no parameters), or they've put the unescaped values into a query and think prepare() will magically know which parts of the resulting string need escaping. In this case, the plugin has one query that doesn't need it:

    in function secure_inviters_get_signups_by_code()
    change $sql = $wpdb->prepare( "select count(u.ID) as signups,
    to $sql = "select count(u.ID) as signups,
    and order by count(u.ID) desc;" );
    to order by count(u.ID) desc;";

  5. Matt
    Member
    Posted 1 year ago #

    @maximinime to my knowledge and testing that doesn't solve the problem.

    Can you elaborate? Or double check on your end?

  6. maximinime
    Member
    Posted 1 year ago #

    At the time I wrote that fix, that string literal of SQL was wrapped in prepare(). Unwrapping it solved the issue for me. There are two, separate lines that need alteration (the "and" is not part of the query). I am no longer using the plugin.

  7. Matt
    Member
    Posted 1 year ago #

    I pasted it in again and now working like a champ! Thanks.

    Are you using an alternative now?

    Happy Coding!

  8. Matt
    Member
    Posted 1 year ago #

    @adrian.dakota do you know what your
    function secure_invite_email_exists

    looks like?

    Can you share the entire file? Still getting a few errors after using @maximinime's solution. But no longer receiving the error I was thanks to him.

    Cheers

  9. Chris Taylor
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks @maximinime, I have removed that incorrect use of prepare() and will soon be releasing version 1.2.5.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.