#11100 closed defect (bug) (fixed)
delete_post_meta_by_key() is currently broken
Reported by: | Viper007Bond | Owned by: | westi |
---|---|---|---|
Milestone: | 2.9 | Priority: | normal |
Severity: | normal | Version: | 2.9 |
Component: | Database | Keywords: | has-patch |
Focuses: | Cc: |
Description
$wpdb->prepare()
quotes strings and therefore results in a broken query:
$wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_id IN(%s)", implode( ',', $postmetaids) ) );
It results in something like this:
DELETE FROM wp_postmeta WHERE meta_id IN('883,1062,1063,1064,1066,1067,969')
There are likely other places where this is also an issue.
Attachments (1)
Change History (9)
#2
@
15 years ago
- Owner changed from ryan to westi
- Status changed from new to accepted
I have added some testcases to wordpress-tests to catch this error.
I would prefer to keep the call to prepare here for consistency sake.
Going to commit an alternative fix which works for my local tests please re-open if there are still issues.
#5
@
11 years ago
I found this ticket after I searched for a solution with escaping in IN operators. I think the solution in [12156] is very nice. But if you have nothing in your array, you get a Database error. So here's my solution :)
$in = count($postmetaids) ? implode( ',', array_fill(1, count($postmetaids), '%d')) : 'NULL'; $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_id IN($in)", $postmetaids ));
#6
@
11 years ago
- Cc me@… added
- Resolution fixed deleted
- Severity changed from normal to trivial
- Status changed from closed to reopened
Note: See
TracTickets for help on using
tickets.
Don't use prepare()