Depreciated Call -> Function wpdb::escape()
prepare works a bit differently than escape in that it works on whole strings and manages quoting as well. $pat = “UPDATE {$wpdb->posts} SET %s = %s WHERE ID = %d”; $qry = $wpdb->prepare( $pat, $key, $visibility, $post_id ); $wpdb->query($qry); You do not need to swap in the table name at all, and with prepare … Read more