如何在Wordpress $ wpdb中转换此prepare语句以使用占位符? [英] How to convert this prepare statement to use placeholders in Wordpress $wpdb?

问题描述

在Wordpress 3.5之前，我有一个运行良好的wpdb prepare语句.这是我的台词:

I have a perfectly working wpdb prepare statement before Wordpress 3.5. This is my line:

$post_id = $wpdb->get_var($wpdb->prepare( "SELECT a.post_id
        FROM $metatable AS a
        JOIN $metatable AS b ON a.post_id = b.post_id
        WHERE a.meta_value = '$valuex1' AND b.meta_value = '$valuex2'"));

现在使用Wordpress 3.5，由于尚未完全清除，因此将返回警告.我已将其修改为使用Wordpress建议的占位符:

Now with Wordpress 3.5, this returns a warning since this is not fully sanitized. I have modified this to use placeholders as advised by Wordpress:

$post_id = $wpdb->get_var($wpdb->prepare("SELECT a.post_id FROM $metatable AS a JOIN $metatable AS b ON a.post_id = b.post_id WHERE a.meta_value =%d AND b.meta_value =%s",$valuex1,$valuex2));

但是，它不再从数据库中检索正确的信息.我的修改查询有问题吗?如何对其进行更改以使其再次运行?

However,it does not anymore retrieve the correct information from the database. Is there something wrong with my modified query? How to change it so that it will be working again?

感谢您的帮助.

推荐答案

我的糟糕，这很简单！ WordPress使用两个占位符％s和％d.

My bad, this is so simple! Wordpress uses two placeholders %s and %d.

％s

同时:

％d应该用于整数.

我上面的问题是我把它们混合了，我用％d表示字符串，用％s表示整数.因此，通过为您的特定数据类型使用正确的占位符可以解决问题.问题解决了.

My problem above is that I've mixed them up, I use %d for strings or %s for integers. So the problem is resolved by using the correct placeholders for your specific data type. Problem solved.

例如，如果您使用带有PHP变量$ id的id来查询数据库，则占位符应为​​％d，因为它是整数，否则对于字符串(例如名称等)使用％s.

For example if you are querying the database using id with php variable $id, the placeholder should be %d because it's integer otherwise for strings, such as names, etc. use %s.

这篇关于如何在Wordpress $ wpdb中转换此prepare语句以使用占位符?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！