wpdb->prepare… How do I use it??? | WordPress.org

lavishcreative
(@lavishcreative)

15 years, 4 months ago

I’m trying to prevent MySQL injection attacks on a plugin I have hacked. What is the correct way to use wpdb->prepare?? There is not enough documentation on it.

I have a form with several (at least 20) values I need to insert into a database.
Do I need to declare each value as ‘%d’ or ‘%s’, or is there a way to batch declare everything to avoid this?

Please give me some clue… Thanks!

Viewing 1 replies (of 1 total)

MichaelH
(@michaelh)

15 years, 4 months ago

Best I can do for you is to point you to some examples:

http://trac.wordpress.org/changeset/7645
http://trac.wordpress.org/changeset/6241
http://trac.wordpress.org/changeset/6180
http://trac.wordpress.org/ticket/5145
http://trac.wordpress.org/ticket/4553

Viewing 1 replies (of 1 total)

The topic ‘wpdb->prepare… How do I use it???’ is closed to new replies.

Tags

In: Fixing WordPress
1 reply
2 participants
Last reply from: MichaelH
Last activity: 15 years, 4 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics