[wp-hackers] WP 3.5.2/multisite: How to use NOT IN in $wpdb->prepare()?
Ryan McCue
lists at rotorised.com
Tue Jul 16 04:21:17 UTC 2013
Micky Hulse wrote:
> What's the most practical and secure way (I want to avoid little Bobby
> Tables http://xkcd.com/327/) to pass a list of blog IDs into the NOT
> IN clause of wpdb::prepare() SQL statement?
$ids = array(1, '2', '3q', 'b');
// Ensure all IDs are positive integers
$ids = array_map('absint', $ids);
// Filter anything that converted to 0 (i.e. non-integers)
$ids = array_filter();
// Add to your SQL
$sql .= ' NOT IN (' . implode(',', $ids) . ')';
--
Ryan McCue
<http://ryanmccue.info/>
More information about the wp-hackers
mailing list