[wp-trac] [WordPress Trac] #23064: support str_to_date on $wpdb->prepare
WordPress Trac
noreply at wordpress.org
Fri Dec 28 06:11:09 UTC 2012
#23064: support str_to_date on $wpdb->prepare
--------------------------------------+----------------------
Reporter: jperelli | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Database | Version: 3.4.2
Severity: normal | Resolution: invalid
Keywords: needs-patch dev-feedback |
--------------------------------------+----------------------
Comment (by jperelli):
You are right, thanks!
I thought wpdb::prepare() was like addslashes or mysql_escape_string, and
made some sort of crazy magic to secure the query, but is more like
sprintf.
Sorry, didn't want to waste your time. I see now it is on the docs
http://codex.wordpress.org/Class_Reference/wpdb#Protect_Queries_Against_SQL_Injection_Attacks
I think I read it all but that part. :( Must go to sleep.
Thank you for teaching me!
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23064#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list