[wp-hackers] Patch for addition to wpdb
Satyam at satyam.com.ar
Mon May 15 19:43:02 GMT 2006
I was modifying a plug-in I'm using and was about to add a function that I
have been dragging from several languages I've used over the years. Since
the function is of general use, I thought it might as well be put into the
core of WordPress, so I decided to enter this list and offer it and request
comments and ask for guidance on how to submit it for review
It can be added easily and harmlessly to the method query without even
breaking existing code.
It is a sort of sprintf() but oriented to SQL. As with sprintf, if it has
no %placeholder, it returns the same string, thus it can be inserted into
wpdb::query without breaking anything. Since % is a valid operator in SQL,
I used ?, which is not.
echo BuildSql('Insert into ?ttable
Insert into wp_table ('Something',null,5,'2006-05-15',null,0)
Notice the ?t placeholder in front ot table. The ?t placeholder is replaced
by the contents of global variable $table_prefix, strings are escaped and
quoted, dates are put into SQL standard format ints, floats and booleans are
actually evaluated so that there cannot be any unexpected things injected.
The piece of code is not long, buy I am hesitant to include it in this
message or attach it since I am not familiar with the ways of this list.
The code is commented and has phpdocumentor comments at the top. Can anyone
guide me on how (and where, if not here) to offer it for comments?
More information about the wp-hackers