Confused by $wpdb->prepare

First, prepare() allows you to specify two different types of data:

  • %s for String Types
  • %d for Integer/Numeric Types

The reason is simple: MySQL only knows two (and a half) data types: Strings and Numerics (and Date/Time).

So this way you specify what type it is and make sure only that type gets trough.

Still it’s important to get rid of possibly malicious parts of data by properly sanitize your inputs: esc_*() functions.

Here’s your example:

global $wpdb;

// The actual statement - in a readable way
$SQL = <<<SQL
    SELECT COUNT(*)
    FROM {$wpdb->prefix}h_transactions
    WHERE transactionid = %d
SQL;

$preparedSQL = $wpdb->prepare( $SQL, esc_attr( $_POST['transactionID'] ) );
// Let's run it
$registered = $wpdb->get_var( $preparedSQL );

Note: Make sure that you use your real names. I changed some for readability.

Related Posts:

  1. How to use $wpdb to delete in a custom table
  2. get_results on large datasets
  3. Is there a (better) way to access $wpdb results?
  4. Using $wpdb generates DB error
  5. How do you use prepare when asking for a list of id’s
  6. how to execute different sql query in non-sanitized $wpdb->get_results function
  7. WPDB update row with != in where clause
  8. How to update records using $wpdb?
  9. Need help writing a $wpdb query
  10. show badge with count for pending items in custom post type
  11. WP Sql query multiple where clause
  12. WordPress SQL query – returning ‘true’ ‘false’ or ‘null’
  13. Modify the structure of data returned by $wpdb
  14. Syntax for $wpdb->prepare when searching in two columns
  15. How to display user_nicename and usermeta values by custom query in WordPress?
  16. Optimizing WordPress Queries – Removing Group By ID
  17. How can I combine one field using wpdb and group by?
  18. $wpdb->prepare with ON DUPLICATE KEY UPDATE
  19. how to use $wpdb->prepare to update a custom table
  20. WPDB Placeholders and second argument for prepared statements
  21. Increment integer field in database when WHERE needs to be dynamic [closed]
  22. Custom SQL query ORDER BY term_order
  23. Custom $wpdb returns unexpected time based results
  24. How to left join meta in queries [closed]
  25. wpdb->get_row is selecting the variable as a column name
  26. CREATE TABLE with dbDelta does not create table
  27. $wpdb query outputs php code instead of executing it
  28. wpdb query not working
  29. WordPress wpdb->insert returns int(0) => doesn’t insert anything, no errors!
  30. WPDB SQL Ignore `post_status` Parameter
  31. how to list all post that are in the custom taxonomy using $wpdb
  32. WPDB SQL query SELECT from category
  33. How to use WHERE NOT EXISTS query to avoid duplicate entry using $wpdb to save in custom table?
  34. Creating an Angular factory from custom database table
  35. wpdb->update update the entire table instead of one row
  36. How do I update post based on meta_key in another table?
  37. How to set up prepared query using IN statement
  38. Custom database query to validate data
  39. Alter the main search query to search posts by coauthor user name
  40. Creates only one table and not the other
  41. Protect custom form from SQL injection
  42. looking for a way to allow users to backup the plugin db data(save as)
  43. SQL Query to select post title & post ID from a particular category
  44. Get comments after specific date
  45. query using wpdb in wordpress gets me no result
  46. Get count of rows based if column exists in two different tables
  47. query_vars doesn’t return query string (trying to get data from $wpdb)
  48. How do you properly prepare a %LIKE% SQL statement?
  49. How to parse row results from $wpdb -> get_results
  50. Pagination with custom SQL query
  51. $wpdb->insert() and Values for Datetime Columns?
  52. Change post status based on meta value
  53. Speed optimization of $wpdb->get_results
  54. $wpdb is get_results escaped
  55. wpdb prepare: passing varible number of fields as second argument
  56. Wpdb query for comment meta for current post
  57. How to Modify this $wpdb query to accept an array of post statuses
  58. Select from wp_post and multiple meta_value from wp_postmeta
  59. WPDB Update using Conditional Arrays
  60. How to correctly pass values to wpdb->prepare()?
  61. $wpdb->get_results returns empty but value exists
  62. Problem displaying inserted form
  63. Get published posts and pages?
  64. WordPress (on AWS ubuntu) database Fails “Connection refused in .. /wp-includes/wp-db.php on line 1531”
  65. How to get entry by title by using wpdb
  66. $wpdb not being defined in function: Fatal error: Call to a member function query() on a non-object
  67. WordPress is trimming leading 0s
  68. WPDB SQL query with prepare() returning variable, not db value
  69. get_results not returning anything
  70. Save data from a checkbox to a wpdb array
  71. WP-PostRatings: list current user’s rated posts
  72. WPDB Join with custom table
  73. $wpdb->prepare affecting the query?
  74. Getting values from wpdb
  75. Why is this $wpdb query looping 5 times?
  76. wpdb query not returning results containing single quotes
  77. duplicate entries in database while using save_post or wp_insert_post
  78. Unknown column ‘siteurl’ in ‘where clause’ WPDB outside
  79. $wpdb->get_results(…) with $wpdb->prepare(…) returns empty array despite correct query
  80. Passing a SQL query to the WP Query
  81. Creating multiple tables with Plugin
  82. sort title descending with title with number
  83. Escaping a WPDB Object in One Shot
  84. Correct and secure way to access a custom SQL database in a custom PHP template file
  85. Create a stored procedure on plugin activation
  86. Get last element from wpdb as a string
  87. $wpdb query for price in custom field value
  88. Object Cache – Avoid db queries totally
  89. Update all fields of table with ON DUPLICATE KEY UPDATE command
  90. WordPress – wpdb query does not list same result as sql query
  91. What is the best practice to initialise $wpdb by loading wp-load.php?
  92. $wpdb->get_results in not an array
  93. adding a log row log table, when the draft post publish
  94. How to make iteration on wpdb->update or query statement?
  95. Querying multiple meta_keys in WordPress SQL query
  96. Custom WordPress SQL Query 4 posts per custom taxonomy
  97. Jeditable Plugin working as it should – scope issue?
  98. wpdb LIKE request shows all database data
  99. How do I change the datetime format from ( ‘y-m-d’ ) to ( ‘d m y’ ) [closed]
  100. Can’t send form data to wpdb when URL has query string