## sql – wpdb prepare without placeholder

Question

Recently, I found out why there are a lot of PHP Notices in my debug.log. It is because of `wpdb::prepare` needing placeholders. The documentation says that I need to do:

```php
$wpdb->get_results( $wpdb->prepare( "SELECT * FROM table WHERE column = %s AND field = %d OR other_field LIKE %s", array( 'foo', 1337, '%bar' ) ) );
```

But for me I use:

```php
$wpdb->get_results( $wpdb->prepare( "SELECT * FROM table WHERE column = " . $foo . " AND field = " . $intvalue . " OR other_field LIKE " . $bar ) );
```

Since I find it easier to read. If I do the 2nd option, can I skip `$wpdb->prepare`? Or should I change my query to the 1st option, since this is what is in the documentation?

2022-04-12T21:45:20-05:00
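The two query styles from the question side by side, as an added example that is not part of the original post. It assumes it runs inside WordPress, where the global `$wpdb` exists; the input values are constructed, and `table`, `column`, `field` and `other_field` are the placeholder names used in the question.

```php
<?php
// Added example; assumes WordPress is loaded so the global $wpdb exists.
global $wpdb;

$foo      = "O'Brien"; // constructed value containing a single quote
$intvalue = '1337';    // constructed numeric input arriving as a string
$bar      = '50%_off'; // constructed search term containing LIKE wildcards

// Concatenated form from the question. The values are already part of the
// SQL text before prepare() sees it, so prepare() has no placeholder to
// bind and nothing to escape or quote: the quote in $foo reaches the
// database unchanged. Skipping prepare() would leave the same string.
$concatenated_sql = "SELECT * FROM table WHERE column = " . $foo
    . " AND field = " . $intvalue
    . " OR other_field LIKE " . $bar;

// Placeholder form from the documentation. Each %s value is escaped and
// quoted, and %d forces the value to an integer.
// esc_like() escapes the % and _ inside the search term, so only the
// leading % added here behaves as a wildcard.
$like = '%' . $wpdb->esc_like( $bar );

$prepared_sql = $wpdb->prepare(
    "SELECT * FROM table WHERE column = %s AND field = %d OR other_field LIKE %s",
    $foo,
    $intvalue,
    $like
);

// Log both strings to compare what would be sent to the database.
error_log( 'concatenated: ' . $concatenated_sql );
error_log( 'prepared:     ' . $prepared_sql );

// Only the prepared string is executed.
$rows = $wpdb->get_results( $prepared_sql );
```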