Enforce a minimum of two arguments for wpdb::prepare(). The first argument is the query (or fragment thereof), which is required. Additional arguments are values to substitute into placeholders.

This will generate E_WARNINGs for insufficient arguments when prepare() is called with no additional arguments. This should discourage improper uses of prepare() under the guise of safely running a query. props xknown. fixes #22262. git-svn-id: http://core.svn.wordpress.org/trunk@22429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-26 06:45:07 +02:00 · 2012-11-07 19:30:59 +00:00 · 2012-11-07 19:30:59 +00:00 · e588812a49
commit e588812a49
parent 3a86c87c31
1 changed files with 1 additions and 1 deletions
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@ -987,7 +987,7 @@ class wpdb {
 	 * @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string
 	 * 	if there was something to prepare
 	 */
-	function prepare( $query = null ) { // ( $query, *$args )
+	function prepare( $query, $args ) {
 		if ( is_null( $query ) )
 			return;