WordPress.org

Make WordPress Core

Changeset 5778


Ignore:
Timestamp:
07/04/2007 04:18:57 PM (11 years ago)
Author:
markjaquith
Message:

Introducing "prepare", a WPDB method for sprintf()-prepared SQL statements. see #4553. Implementation details to follow.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/wp-db.php

    r5700 r5778  
    115115        else
    116116            return mysql_real_escape_string( $string, $this->dbh );
     117    }
     118
     119    /**
     120     * Escapes content by reference for insertion into the database, for security
     121     * @param string $s
     122     */
     123    function escape_by_ref(&$s) {
     124        $s = $this->escape($s);
     125    }
     126
     127    /**
     128     * Prepares a SQL query for safe use, using sprintf() syntax
     129     */
     130    function prepare($args=NULL) {
     131        if ( NULL === $args )
     132            return;
     133        $args = func_get_args();
     134        $query = array_shift($args);
     135        array_walk($args, array(&$this, 'escape_by_ref'));
     136        return @call_user_func_array('sprintf', array_merge(array($query), $args));
    117137    }
    118138
Note: See TracChangeset for help on using the changeset viewer.