[wp-hackers] Plugins using hardcoded table prefix
Alex King
lists at alexking.org
Mon Mar 21 09:19:59 GMT 2005
Weren't these variables just added in 1.5? I thought they were added
recently.
Also, be aware that when using these variables (or any object
properties) I'm pretty sure you can't just stick them inside a
double-quoted string.
This will not work:
$sql = "SELECT * FROM $wpdb->posts WHERE ...";
This will:
$sql = 'SELECT * FROM '.$wpdb->posts.' WHERE ...';
(and using single quotes reduces parsing, etc.)
At least that is how it works in my test environment - perhaps I've got
a setting out of whack somewhere.
--Alex
Mark Jaquith wrote:
>> // Table names
>> $wpdb->posts = $table_prefix . 'posts';
>> $wpdb->users = $table_prefix . 'users';
>> $wpdb->categories = $table_prefix . 'categories';
>> $wpdb->post2cat = $table_prefix . 'post2cat';
>> $wpdb->comments = $table_prefix . 'comments';
>> $wpdb->links = $table_prefix . 'links';
>> $wpdb->linkcategories = $table_prefix . 'linkcategories';
>> $wpdb->options = $table_prefix . 'options';
>> $wpdb->postmeta = $table_prefix . 'postmeta';
>
>
> Hardcoding the prefix is a very amateurish mistake.
More information about the wp-hackers
mailing list