[wp-trac] [WordPress Trac] #41925: Bring back, support and document %1$s support in wpdb->prepare
WordPress Trac
noreply at wordpress.org
Wed Sep 20 10:00:51 UTC 2017
#41925: Bring back, support and document %1$s support in wpdb->prepare
-----------------------------+-----------------------------
Reporter: soulseekah | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Database | Version: trunk
Severity: normal | Keywords:
Focuses: |
-----------------------------+-----------------------------
4.8.2 specifically restricts the very convenient usage of %1$s, %1$d, %1%f
placeholders in WPDB::prepare. For yet undisclosed security purposes.
Since this has been very widely used in code as an undocumented feature, I
propose to bring it back, provide official support and documentation for
it.
https://github.com/search?q=wpdb-%3Eprepare+%251%24s&type=Code&utf8=%E2%9C%93
over 1.2 million search results using the no longer supported syntax.
Including the very popular Yoast SEO plugin which broke unexpectedly with
the recent security update.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41925>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list