[wp-trac] [WordPress Trac] #42494: $wpdb->prepare placeholder count check is invalid for numbered placeholders
WordPress Trac
noreply at wordpress.org
Thu Nov 9 20:46:21 UTC 2017
#42494: $wpdb->prepare placeholder count check is invalid for numbered placeholders
--------------------------+-----------------------------
Reporter: dominicp | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Database | Version: 4.8.3
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
This is a follow-up to #41925. Apologies if this has already been brought
up or if I missed something obvious.
There seems to be a bug in the logic for the extra checks to make sure the
correct number of arguments are passed to `$wpdb->prepare` when using
numbered placeholders.
One of the reasons to use them is to reference the same parameter multiple
times. So your code can look like this:
{{{
$wpdb->prepare( 'SELECT * FROM wpdb_posts WHERE post_title LIKE "%1$s" OR
post_content LIKE "%1$s"', array( 'fluffy' ) );
}}}
This perfectly valid construction will throw a deprecation error in 4.8.3
due to [[https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-
db.php#L1286|this code]] added in [42068].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/42494>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list