[wp-trac] [WordPress Trac] #11102: $wpdb->prepare should merge all arguments to pass to vsprintf
WordPress Trac
wp-trac at lists.automattic.com
Sun Nov 8 19:41:34 UTC 2009
#11102: $wpdb->prepare should merge all arguments to pass to vsprintf
-------------------------+--------------------------------------------------
Reporter: westi | Owner: westi
Type: enhancement | Status: new
Priority: normal | Milestone: 3.0
Component: Database | Version: 2.9
Severity: normal | Keywords: has-patch early
-------------------------+--------------------------------------------------
Comment(by azaozz):
Not sure if that really improves things. Passing an array seems to make
sense only in `"IN (5,10,20, ...)"` where the length of the array is not
fixed.
MySQL seems to accept both `"IN (5,10,20, ...)"` and `"IN ('5','10','20',
...)"` (it casts string to int when comparing with a numeric column) so we
can `join( "','", $array )` and pass it as a string. This is already used
in about 50 places in core including #11100.
In this case a query would look like:
{{{
$wpdb->prepare("SELECT * FROM $table WHERE `x` = %s AND type IN (%s)",
$where, $in_array);
}}}
that would expand to:
{{{
SELECT * FROM $table WHERE `x` = 'bar' AND type IN ('5','10','20');
}}}
or
{{{
SELECT * FROM $table WHERE `x` = 'bar' AND type IN ('bar1','bar2','bar3');
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11102#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list