WordPress.org

Make WordPress Core

Opened 11 years ago

Closed 11 years ago

Last modified 11 years ago

#5178 closed enhancement (fixed)

New $wpdb methods: insert(), update()

Reported by: markjaquith Owned by:
Milestone: 2.5 Priority: normal
Severity: normal Version:
Component: General Keywords:
Focuses: Cc:

Description (last modified by markjaquith)

Ryan proposed these methods to me. I cleaned them up a bit and added sanitization.

	/**
	 * Insert an array of data into a table
	 * @param string $table WARNING: not sanitized!
	 * @param array $data should not already be SQL-escaped
	 * @return mixed results of $this->query()
	 */
	function insert($table, $data) {
		$data = add_magic_quotes($data);
		$fields = array_keys($data);
		return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')");
	}

	/**
	 * Update a row in the table with an array of data
	 * @param string $table WARNING: not sanitized!
	 * @param array $data should not already be SQL-escaped
	 * @param string $where_col the column of the WHERE statement.  WARNING: not sanitized!
	 * @param string $where_val the value of the WHERE statement.  Should not already be SQL-escaped.
	 * @return mixed results of $this->query()
	 */
	function update($table, $data, $where_col, $where_val){
		$data = add_magic_quotes($data);
		$bits = array();
		foreach ( array_keys($data) as $k )
			$bits[] = "`$k`='$data[$k]'";
		$where_val = $this->escape($where_val);
		return $this->query("UPDATE $table SET ".implode(', ',$bits)." WHERE $where_col = '$where_val' LIMIT 1");
	}

First place to use this is in wp_insert_post()

Change History (4)

#1 @markjaquith
11 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6221]) Introducing db_insert() and db_update(), with immediate usage in wp_insert_post(). fixes #5178

#2 @markjaquith
11 years ago

(In [6237]) More use of db_insert()/db_update(). see #5178

#3 @markjaquith
11 years ago

(In [6238]) Remove redundant "db_" from db_insert() and db_update() methods. Now just insert() and update(). see #5178

#4 @markjaquith
11 years ago

  • Description modified (diff)
  • Summary changed from New $wpdb methods: db_insert(), db_update() to New $wpdb methods: insert(), update()

Changed the method names.

Note: See TracTickets for help on using tickets.