In my Wordpress plugin I have code snippets that look like this:
$total = $wpdb->get_var($wpdb->prepare(
"
SELECT SUM(Amount)
FROM $table_name
WHERE Account = $user_id AND Timestamp > {$balance['Timestamp']}
",NULL
));
It was working very well for years, but after I recently updated Wordpress to 5.0 I get many errors like this:
Fatal error: Uncaught ArgumentCountError: Too few arguments to function wpdb::prepare(), 1 passed in (...)/pluginfile.php on line 753 and exactly 2 expected in /wp-includes/wp-db.php:1222
Through my research I found that I need to use %s and %d in the wp prepare function but I didn't figure out how to apply it properly to the code above.
We use the 'prepare' method to make sure we're not sending an illegal operation or any illegal characters.
Try modifying your code to the following:
$total = $wpdb->get_var($wpdb->prepare(
"
SELECT SUM(Amount)
FROM $table_name
WHERE Account = %d AND Timestamp > %d
",
$user_id, $balance['Timestamp']
));
Both User ID and a timestamp are integers (whole numbers) so we would use %d.
Possible format values: %s as string; %d as integer (whole number); and %f as float.
For anybody that might run into a similar problem: with the help of the comment above by #entreprenerds I was able to fix the code as follows:
$total = $wpdb->get_var($wpdb->prepare(
"
SELECT SUM(Amount)
FROM $table_name
WHERE Account = %d AND Timestamp > %d
",$user_id, $balance['Timestamp']
));
Thanks!
Related
I can't figure the syntax for this request :
UPDATE my_table SET is_read ='1' WHERE my_date < DATE_SUB(NOW(), INTERVAL 2 DAY
'my_date
for using with wpdb-> update
I have this :
wpdb->update('my_table', array('is_read' => '1'), array('my_date', ... and then I don't know
Need some help. Thanks in advance :)
Example to use SQL queries directly with wpdb:
function setAsRead($days_interval){
global $wpdb;
$result = $wpdb->get_results($wpdb->prepare("UPDATE my_table SET
is_read ='1' WHERE my_date < DATE_SUB(NOW(), INTERVAL %d DAY)",
$days_interval));
return $result;
}
//use
setAsRead(2);
I'm using $wpdb to connect to a different database than my wordpress one like this:
$newdb = new wpdb(DB_NEW_USER, DB_NEW_PASSWORD, DB_NEW_NAME, DB_NEW_HOST);
I need to insert multiple rows into the database.
I used the code from this answer: Wordpress $wpdb. Insert Multiple Records.
To run the query, I use this line:
$newdb->query( $newdb->prepare("$query", $values));
When I do echo $query, this is the result: (there are more than 3 columns, but I shortened if for times sake)
INSERT INTO table (column1, column2, column3) VALUES ('%s', '%s', '%s')
When I var_dump($values), it returns an array with the same amout of strings as I have columns.
When I run the query, I get the following error:
WordPress database error: [Query was empty]
I tried selecting from the database in a similar fashion and it did work, so my connected to the db is working.
What am I doing wrong?
If anyone can help me I would really appreciate it.
Are you sure your query look like this?
$metakey = "Harriet's Adages";
$metavalue = "WordPress' database interface is like Sunday Morning: Easy.";
$wpdb->query( $wpdb->prepare(
"
INSERT INTO $wpdb->postmeta
( post_id, meta_key, meta_value )
VALUES ( %d, %s, %s )
",
array(
10,
$metakey,
$metavalue
)
) );
My code is correct (I've been programming for 13 years), but for some reason when I use a variable in a SELECT query in the WHERE clause, I get no result. If I hardcode it, it works. How could this be? Blowing my mind...
$track = $wpdb->get_row($wpdb->prepare("SELECT tracking_id, order_id, outbound_tracking_number, return_tracking_numbers FROM wp_woocommerce_trackingnumbers WHERE order_id = %s", $o_id));
Thanks!
I think it should be (%s should be %d)
$track = $wpdb->get_row($wpdb->prepare("SELECT tracking_id, order_id, outbound_tracking_number, return_tracking_numbers FROM wp_woocommerce_trackingnumbers WHERE order_id = %d", $o_id));
%s for strings and %d for digits and variable $o_id sounds like an integer to me.
I am using new wpdb for accessing database with wordpress.
$mydb = new wpdb($username,$password,$database,$hostname);
$sql = $mydb->prepare("SELECT * FROM " . $table);
$results = $mydb->get_results($sql);
This line produces error:
$sql = $mydb->prepare("SELECT * FROM " . $table);
wpdb::prepare was called incorrectly. wpdb::prepare() requires at least two arguments.
All below statements produce same error:
$sql = $mydb->prepare("SELECT * FROM $table");
$sql = $mydb->prepare("SELECT * FROM '%s'", $table);
How do I write it without arguments?
(I am using wordpress 3.5)
Take the single quotes off from '%s' in your last example and that should work assuming $table is a valid table name.
Edit: $wpdb->prepare() works similar to php's sprintf() on a more limited scale. If you just pass it a single parameter, it doesn't do anything. See Andrew Nacin's post on this after 3.5 was released: http://make.wordpress.org/core/2012/12/12/php-warning-missing-argument-2-for-wpdb-prepare/
The second parameter will replace the first instance of a replaceable character set, i.e. %s, %d or %f, and third parameter will replace the second instance, and so on.
I am doing the following:
$type = 'attachment';
$images = $wpdb->get_results($wpdb->prepare('
SELECT p.*
FROM wp_%d_posts p
WHERE p.post_parent =%d
AND p.post_type = "%s"
', $blog_id, $page->ID, $type),OBJECT);
var_dump($images);
If I remove the line 'AND p.post_type = "%s"' then I get results returned, otherwise I get an empty array returned. If I run the query direct against the DB in a mysql client, I get results.
There is no error, just an empty result set. I am doing similar queries throughout my file and they are working so I'm not looking for "don't do it like that" style replies. I just need to understand why this isn't working and fix it.
PHP 5.3, MYSQL 5.1. WordPress MU 2.9.2
Do not Quote "%s". From the WordPress site, "Notice that you do not have to worry about quoting strings. Instead of passing the variables directly into the SQL query, use a %s placeholder for strings and a %d placedolder for integers."
Example:
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_title = %s WHERE ID = %d", $var, $id ) );