[wp-trac] [WordPress Trac] #11608: wpdb->prepare() is broken

WordPress Trac wp-trac at lists.automattic.com
Fri Dec 25 16:27:09 UTC 2009


#11608: wpdb->prepare() is broken
--------------------------+-------------------------------------------------
 Reporter:  hakre         |       Owner:  ryan            
     Type:  defect (bug)  |      Status:  new             
 Priority:  normal        |   Milestone:  3.0             
Component:  Database      |     Version:  2.9             
 Severity:  normal        |    Keywords:  has-patch tested
--------------------------+-------------------------------------------------

Comment(by sirzooro):

 Replying to [comment:26 Denis-de-Bernardy]:
 > In retrospect we should have used the syntax that is accepted by PDO for
 this stuff, i.e. either of:
 >
 > {{{
 > "SELECT * FROM foo WHERE bar = ?" # ? gets replaced by first variable
 > "SELECT * FROM foo WHERE bar = :bar" # :bar gets replaced by variable
 named bar
 > }}}
 We can consider adding new function prepare2() which will use PDO-like
 syntax, and mark prepare() as deprecated. This will require a lot of work
 (quick search showed 43 files), but we will avoid such problems in the
 future. This can be done under another ticket.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11608#comment:30>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list