[wp-trac] [WordPress Trac] #11318: $wpdb->prepare() Chokes on LIKE conditions?

WordPress Trac wp-trac at lists.automattic.com
Fri Dec 4 22:56:20 UTC 2009


#11318: $wpdb->prepare() Chokes on LIKE conditions?
--------------------------+-------------------------------------------------
 Reporter:  miqrogroove   |        Owner:  ryan      
     Type:  defect (bug)  |       Status:  closed    
 Priority:  normal        |    Milestone:            
Component:  Database      |      Version:  2.8.4     
 Severity:  normal        |   Resolution:  worksforme
 Keywords:                |  
--------------------------+-------------------------------------------------
Changes (by dd32):

  * status:  new => closed
  * resolution:  => worksforme
  * milestone:  3.0 =>


Comment:

 Due to Prepare utilising the printf syntax of '%s' and the like, it's
 impossible to simply add a single % to a query.

 You only need to use Prepare() when making a query which has params, not a
 hardcoded query.

 The 2 options are:
  1. escape the % in printf style:
     {{{var_dump($wpdb->prepare("SELECT 1 WHERE col1 LIKE 'image%%'"));}}}
  2. add it as a param:
     {{{var_dump($wpdb->prepare("SELECT 1 WHERE col1 LIKE %s", 'image%'));}}}

 Closing as worksforme, as those 2 options work around it. It's not worth
 implementing our own vsprintf just for that single function, if it can be
 done in other ways. I think it's worth it due to the benefits which the
 current implementation brings.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11318#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
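
The two options from the comment above, extended to a LIKE term that comes from user input, as an added example that is not part of the original message or of WordPress itself. `demo_prepare()` and `demo_esc_like()` are hypothetical stand-ins that assume printf-style substitution with quoted `%s` arguments; `addslashes()` only stands in for the database driver's real escaping.

```php
<?php
// Hypothetical stand-in for the printf-style substitution described in the
// comment; this is NOT WordPress's wpdb::prepare(). Assumption: every %s
// argument is escaped, wrapped in single quotes, then passed to vsprintf().
function demo_prepare(string $query, ...$args): string
{
    $quoted = array_map(
        // addslashes() is a placeholder for the driver's own escaping.
        fn($arg) => "'" . addslashes((string) $arg) . "'",
        $args
    );
    return vsprintf($query, $quoted);
}

// Hypothetical helper: backslash-escape the LIKE wildcards (% and _) and the
// backslash itself so untrusted text matches literally. WordPress later
// added $wpdb->esc_like() for the same purpose.
function demo_esc_like(string $text): string
{
    return addcslashes($text, '_%\\');
}

// Option 1: a literal % written in the query template is doubled, printf style.
$hardcoded = demo_prepare("SELECT 1 WHERE col1 LIKE 'image%%'");

// Option 2: the whole pattern is a parameter, so its % is never parsed as a
// format directive.
$as_param = demo_prepare("SELECT 1 WHERE col1 LIKE %s", 'image%');

// User input case (constructed sample value): the % and _ typed by the user
// are escaped first, and only the trailing % added by the code is a wildcard.
$user_term = '50%_off';
$pattern   = demo_esc_like($user_term) . '%';
$from_user = demo_prepare("SELECT 1 WHERE col1 LIKE %s", $pattern);

foreach ([$hardcoded, $as_param, $from_user] as $sql) {
    echo $sql, "\n";
}
```

Without the wildcard escaping step, a user-supplied `%` or `_` passed through option 2 still acts as a LIKE wildcard, even though it can no longer break out of the quoted string.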

