I'm trying to prevent MySQL injection attacks on a plugin I have hacked. What is the correct way to use wpdb->prepare?? There is not enough documentation on it.
I have a form with several (at least 20) values I need to insert into a database.
Do I need to declare each value as '%d' or '%s', or is there a way to batch declare everything to avoid this?
Please give me some clue... Thanks!