is $wpdb->get_results() safe enough

You have to always use $wpdb->prepare() before $wpdb->query() or $wpdb->get_results() if your queries depend on dynamic variables

Related Posts:

  1. What is an ORM, how does it work, and how should I use one? [closed]
  2. What is the difference between an ORM and an ODM?
  3. What is this JavaScript “require”?
  4. Rename a table in MySQL
  5. How should I tackle –secure-file-priv in MySQL?
  6. What is this JavaScript “require”?
  7. What is “Advanced” SQL?
  8. What’s the difference between identifying and non-identifying relationships?
  9. Can’t connect to MySQL server on ‘127.0.0.1’ (10061) (2003)
  10. Can’t connect to MySQL server on ‘127.0.0.1’ (10061) (2003)
  11. Can’t connect to MySQL server on ‘127.0.0.1’ (10061) (2003)
  12. What are the differences between B trees and B+ trees?
  13. MySQL SELECT increment counter
  14. How to resolve ORA-011033: ORACLE initialization or shutdown in progress
  15. Example of a strong and weak entity types
  16. Oracle SQL query for Date format
  17. phpMyAdmin – Error > Incorrect format parameter?
  18. Strange Characters in database text: Ã, Ã, ¢, â‚ €,
  19. Difference between partition key, composite key and clustering key in Cassandra?
  20. How SID is different from Service name in Oracle tnsnames.ora
  21. What is a relation in database terminology?
  22. Failed to connect to mysql at 127.0.0.1:3306 with user root access denied for user ‘root’@’localhost'(using password:YES)
  23. Database vs File system storage
  24. Can I have multiple primary keys in a single table?
  25. Exclude Statement in SQL
  26. How do you query for “is not null” in Mongo?
  27. What is a file based database?
  28. Is it fine to have foreign key as primary key?
  29. Storing Images in DB – Yea or Nay?
  30. Using wpdb to connect to a separate database
  31. how to Optimize WordPress database for 10 million post? [duplicate]
  32. MySQL Database User: Which Privileges are needed?
  33. Why is my database import losing text widget data?
  34. Database synchronization between dev/staging and production
  35. Keeping WP database synced across multiple developers using git
  36. WPDB Insert or if exists Update
  37. Multiple developers / editors working on a site in progress
  38. How can I make updates to a site, on a development copy, but then move updates back without overriding live site’s evolving database?
  39. get_results using wpdb
  40. Will it break my site if I delete all transient records in wp_options table?
  41. Checking if Database Table exists
  42. Why WordPress choose data serialization over json_encode?
  43. What’s the simplest way to backup my WordPress database?
  44. WordPress (MyISAM) database is slow, should I switch to InnoDB?
  45. $wpdb won’t insert NULL into table column
  46. Relaunch 4.2 utf8mb4 database upgrade
  47. Fastest way (least amount of steps) to locally import a remote database using WP-CLI
  48. Safest way to bulk delete post revisions
  49. Please explain how WordPress works with MySQL character set and collation at a low level
  50. Solution for database version control and deployment?
  51. The MySQL alternatives: Do Percona Server and MariaDB work well with WordPress, and do they make WordPress go better?
  52. How many users can WordPress handle?
  53. Get error messages when $wpdb->insert() returns false?
  54. Detecting errors generated by $wpdb->get_results()
  55. Staging sites, how do you manage synchronising updates in the DB?
  56. Does dbDelta delete columns as well?
  57. How to get the post publish date outside the loop?
  58. MariaDB as a backend database
  59. wpdb update add current timestamp not working
  60. Site stuck in “Database Update Required” loop
  61. How to fetch Data in WordPress using MySQLi or $wpdb
  62. WordPress Database lost auto increment
  63. Count & Display Database Queries
  64. Connect to database using wordpress wp-config file
  65. How can I make a WordPress database portable and url independent?
  66. Are There Any Plans for WordPress to Support Databases Other Than MySQL?
  67. wpdb->insert multiple record at once
  68. How to migrate a HTTPS WordPress installation to localhost?
  69. Two WordPress sites sharing the same content
  70. How to integrate custom database table in WordPress and using WordPress functions
  71. Reset Post IDs to less than 64bit integer
  72. WP Multisite: load content from site X on site Y
  73. How To Export/Import WordPress (MySQL) Database Properly Via Command-Line?
  74. Custom form that store input in database
  75. Restoring WordPress posts from database only
  76. What is the purpose of the option name hack_file in the options table?
  77. Where can I find the database changes between WordPress versions?
  78. Automate WordPress Database Upgrade
  79. Database connection close
  80. WordPress database error with latest WP – “WP_termmeta doesn’t exist”
  81. WordPress database scalability from the code perspective
  82. WordPress Unit Testing – Cannot Create Tables
  83. Using transients in conjunction with memcached
  84. Displaying content from one WP site on separate WP site
  85. Lost the `wp_options` table: what’s the best way to restore the site?
  86. How to define composite keys with dbDelta()
  87. Insert data in database using form
  88. Is sanitize_text_field() is enough to save to DB?
  89. Does wpdb add considerable overhead on queries with large result sets?
  90. How to stop WordPress using utf8mb4_unicode_520_ci collation?
  91. How to track user progress?
  92. how can get database name in wordpress?
  93. Can a post ID be 0?
  94. Is it possible to define two databases for one installation?
  95. Why does $wpdb return strings for mysql integer values?
  96. Issue with wp_insert_post and post_content field error Could not update post in the database
  97. wp_posts – guid update
  98. Does WordPress use the InnoDB engine for MySQL by default?
  99. How can I migrate from another platform to WordPress (using the same domain) and launch when ready?
  100. $wpdb->prepare() warning in WordPress 3.5
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)