[wp-trac] [WordPress Trac] #41926: wpdb->prepare() method inhibits argument numbering
WordPress Trac
noreply at wordpress.org
Wed Sep 20 10:11:43 UTC 2017
#41926: wpdb->prepare() method inhibits argument numbering
--------------------------+-----------------------------
Reporter: ruud@… | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Query | Version: 4.8.2
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Since 4.8.2 an additional line was added to escape any unescaped percents:
{{{
$query = preg_replace( '/%(?:%|$|([^dsF]))/', '%%\\1', $query ); // escape
any unescaped percents
}}}
this however prohibits the use of numbered arguments like in this query
from Yoast SEO plugin:
{{{
$query = $wpdb->prepare( 'SELECT COUNT( id ) AS incoming, target_post_id
AS post_id
FROM %2$s
WHERE target_post_id IN( %3$s )
GROUP BY target_post_id',
$this->get_table_name(),
$storage->get_table_name(),
implode( ', ', $post_ids )
);
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41926>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list