[wp-trac] [WordPress Trac] #11608: wpdb->prepare() is broken
WordPress Trac
wp-trac at lists.automattic.com
Fri Dec 25 16:27:09 UTC 2009
#11608: wpdb->prepare() is broken
--------------------------+-------------------------------------------------
Reporter: hakre | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Database | Version: 2.9
Severity: normal | Keywords: has-patch tested
--------------------------+-------------------------------------------------
Comment(by sirzooro):
Replying to [comment:26 Denis-de-Bernardy]:
> In retrospect we should have used the syntax that is accepted by PDO for
this stuff, i.e. either of:
>
> {{{
> "SELECT * FROM foo WHERE bar = ?" # ? gets replaced by first variable
> "SELECT * FROM foo WHERE bar = :bar" # :bar gets replaced by variable
named bar
> }}}
We can consider adding new function prepare2() which will use PDO-like
syntax, and mark prepare() as deprecated. This will require a lot of work
(quick search showed 43 files), but we will avoid such problems in the
future. This can be done under another ticket.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11608#comment:30>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list