[buddypress-trac] [BuddyPress] #4654: incorrect usage of $wpdb->prepare()

buddypress-trac noreply at wordpress.org
Mon Nov 12 21:42:53 UTC 2012


#4654: incorrect usage of $wpdb->prepare()
----------------------------+------------------
 Reporter:  anointed        |       Owner:
     Type:  defect (bug)    |      Status:  new
 Priority:  normal          |   Milestone:  1.7
Component:  All Components  |     Version:
 Severity:  normal          |  Resolution:
 Keywords:                  |
----------------------------+------------------

Comment (by companyjuice):

 For visitors reading this, the workaround/fix for these is to remove the
 $wpdb->prepare(); function that only has 1 string argument, for example,
 on line 94 of \wordpress\wp-content\plugins\buddypress\bp-friends\bp-
 friends-classes.php:

 $friends = $wpdb->get_results( $wpdb->prepare( "SELECT friend_user_id,
 initiator_user_id FROM {$bp->friends->table_name} $friend_sql $oc_sql
 ORDER BY date_created DESC" ) );

 BECOMES:

 $friends = $wpdb->get_results( "SELECT friend_user_id, initiator_user_id
 FROM {$bp->friends->table_name} $friend_sql $oc_sql ORDER BY date_created
 DESC" );

 ---
 Thanks -- Marty McGee (companyjuice)

-- 
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/4654#comment:17>
BuddyPress <http://buddypress.org/>
BuddyPress


More information about the buddypress-trac mailing list