WordPress.org

Make WordPress Core

Changeset 5778


Ignore:
Timestamp:
07/04/07 16:18:57 (7 years ago)
Author:
markjaquith
Message:

Introducing "prepare", a WPDB method for sprintf()-prepared SQL statements. see #4553. Implementation details to follow.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/wp-db.php

    r5700 r5778  
    115115        else 
    116116            return mysql_real_escape_string( $string, $this->dbh ); 
     117    } 
     118 
     119    /** 
     120     * Escapes content by reference for insertion into the database, for security 
     121     * @param string $s 
     122     */ 
     123    function escape_by_ref(&$s) { 
     124        $s = $this->escape($s); 
     125    } 
     126 
     127    /** 
     128     * Prepares a SQL query for safe use, using sprintf() syntax 
     129     */ 
     130    function prepare($args=NULL) { 
     131        if ( NULL === $args ) 
     132            return; 
     133        $args = func_get_args(); 
     134        $query = array_shift($args); 
     135        array_walk($args, array(&$this, 'escape_by_ref')); 
     136        return @call_user_func_array('sprintf', array_merge(array($query), $args)); 
    117137    } 
    118138 
Note: See TracChangeset for help on using the changeset viewer.