[wp-trac] [WordPress Trac] #22262: Possible invalid uses of wpdb::prepare()

WordPress Trac noreply at wordpress.org
Wed Nov 7 19:31:02 UTC 2012


#22262: Possible invalid uses of wpdb::prepare()
--------------------------+---------------------
 Reporter:  xknown        |       Owner:  nacin
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:  3.5
Component:  Database      |     Version:
 Severity:  normal        |  Resolution:  fixed
 Keywords:  has-patch     |
--------------------------+---------------------
Changes (by nacin):

 * owner:   => nacin
 * status:  new => closed
 * resolution:   => fixed


Comment:

 In [changeset:"22429"]:
 {{{
 #!CommitTicketReference repository="" revision="22429"
 Enforce a minimum of two arguments for wpdb::prepare(). The first argument
 is the query (or fragment thereof), which is required. Additional
 arguments are values to substitute into placeholders.

 This will generate E_WARNINGs for insufficient arguments when prepare() is
 called with no additional arguments. This should discourage improper uses
 of prepare() under the guise of safely running a query.

 props xknown. fixes #22262.
 }}}

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/22262#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list