Support » Plugins » Hacks » error after update : Warning: Missing argument 2 for wpdb::prepare()

  • I update the WP version, and I am getting this error on top of the site and the admin section.

    Warning: Missing argument 2 for wpdb::prepare(), called in /home/content/65/6388800/html/domain/cms/wp-content/themes/cts/includes/widget_areas.php on line 154 and defined in /home/content/65/6388800/html/domain/cms/wp-includes/wp-db.php on line 1147

    > this I have in the file on line widget_areas.php

    /**
     * Register all custom sidebars
     *
     * @author Ohad Raz
     * @return Void
     */
    function register_theme_sidebars_dynamic(){
        global $wpdb;
    	//post and pages sidebars
    	$widgetized_pages = $wpdb->get_col($wpdb->prepare("SELECT DISTINCT meta_value FROM $wpdb->postmeta WHERE meta_key = 'omc_page_sidebar'"));
    
    	if($widgetized_pages){
    	    foreach($widgetized_pages as $w_page){
    	        $widget_id = strtolower(str_replace(' ', '_', $w_page));
    	        register_sidebar(array(
    	            'name' => $w_page,
    	            'id'   => 'jw_widgetsection_'.$widget_id,
    	            'description'   => '',
    	            'before_widget' => '<li id="%1$s" class="omc-widget %2$s">',
    	            'after_widget' => '',
    	            'before_title' => '<h3 class="widgettitle"><span>',
    	            'after_title' => '</span></h3>'
    	        ));
    	     }// For each
    	}//End If
    
    > and bellow from wp-db.php
    
    function prepare( $query, $args ) {
    		if ( is_null( $query ) )
    			return;
    
    		// This is not meant to be foolproof -- but it will catch obviously incorrect usage.
    		if ( strpos( $query, '%' ) === false ) {
    			_doing_it_wrong( 'wpdb::prepare', sprintf( __( 'The query argument of %s must have a placeholder.' ), 'wpdb::prepare()' ), '3.9' );
    		}
    
    		$args = func_get_args();
    		array_shift( $args );
    		// If args were passed as an array (as in vsprintf), move them up
    		if ( isset( $args[0] ) && is_array($args[0]) )
    			$args = $args[0];
    		$query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
    		$query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
    		$query = preg_replace( '|(?<!%)%f|' , '%F', $query ); // Force floats to be locale unaware
    		$query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
    		array_walk( $args, array( $this, 'escape_by_ref' ) );
    		return @vsprintf( $query, $args );
    	}

    [Moderator Note: Please post code & markup between backticks or use the code button. Your posted code may now have been damaged by the forum’s parser.]

    << Can anyone help?

    Thanks in advance.

Viewing 2 replies - 1 through 2 (of 2 total)
  • above code is two part from two different files;

    > first part from; file widget_areas.php
    > and second part from wp-db.php

    You are calling prepare incorrectly.
    Correct usage substitutes %s and %d in the query with your arguments (which are presumably unsafe and vulnerable to SQL injection).

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘error after update : Warning: Missing argument 2 for wpdb::prepare()’ is closed to new replies.