[wp-hackers] wpdb->prepare with variables for table and keys

Olivier autremonde75 at gmail.com
Wed May 5 13:42:29 UTC 2010


I am trying to perform a query like this :
$count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM %s WHERE
%s = %s",$table,$idkey,$idvalue));

But it doesn't work, I have to end up doing this to have it work which
means that $type and $idfield won't be escaped before performing the
query and thus have to be verified before :
$count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM $type
WHERE $idfield = %s",$idvalue));

So my question is "simple" : is the %s, %d, %% syntax to be used only
for the values in the WHERE statments?

More information about the wp-hackers mailing list