First, prepare() allows you to specify two different types of data: %s for String Types %d for Integer/Numeric Types The reason is simple: MySQL only knows two (and a half) data types: Strings and Numerics (and Date/Time). So this way you specify what type it is and make sure only that type gets trough. Still … Read more
Read the wpdb docs and don’t forget to protect your query: global $wpdb; $table_name = $wpdb->prefix . “item”; $login_name = sanitize_user( $_POST[‘login_name’] ); //assuming you’re dealing with username $prepare = $wpdb->prepare( “SELECT * FROM $table_name WHERE uname = %s”, $login_name ); $myrows = $wpdb->get_results( $prepare ); //output results echo ‘<pre>’ . print_r( $myrows, true ) … Read more
In a nutshell there is no generic reliable way to load WordPress core from arbitrary file. Since core and extensions directories are independent from each other (they are co-located by default, not by necessity) only core configuration “knows” where extensions are, but not other way around. In private code things like this just get hardcoded. … Read more
$wpdb->get_var will do exactly what the name suggests– return a single value. So this: $sum = $wpdb->get_var(“select sum(first), sum(second) from sums_test where id > 1”); var_dump($sum); Will return the result of sum(first). The rest of the result is lost (though cached I believe). The method you want is get_row which will return a complete row … Read more
Don’t store serialised PHP data in the database! It can be a major security risk! When the contents of the value are deserialised, any objects get recreated and their constructors and wakeup methods run, this can be used to launch an attack. Additionally, that data can’t be search replaced, because PHP serialised strings contain values … Read more
What you are asking for should be straight SQL. Try adapting the following: function check_for_ip($ip) { global $wpdb; $sql = <<<SQL SELECT true FROM `wpgrating` WHERE `ip` = %s SQL; return (bool) $wpdb->get_var($wpdb->prepare($sql, $ip)); } In essence, we do a simple SELECT with the IP in question as in the WHERE clause. (Note that it’s … Read more
I have made some changes to your code. See now if this works – function myajax_inputtitleSubmit_func() { // check nonce $nonce = $_POST[‘nextNonce’]; if ( ! wp_verify_nonce( $nonce, ‘myajax-next-nonce’ ) ) die ( ‘Busted!’); $zipcode = $_POST[‘zip’]; // generate the response global $wpdb; $tablename = “{$wpdb->prefix}levering”; $sql = “SELECT Levering FROM {$tablename} WHERE Zip LIKE … Read more
I think you are jumping a gun with custom SQL, complexity of this seems still in realm of WP_Query. Even if not it’s a good idea to start with it to have more solid base for custom SQL. If I try something like this: $meta_query = array( array( ‘key’ => ‘body_type’, ‘value’ => ‘bt’ ), … Read more
You might be able to use the query filter hook See this WPSE answer Basically, you can do something like: add_filter( ‘query’, ‘your_filter_function’ ); function your_filter_function($query_sql) { // do something to $query_sql return $query_sql; } This will get called for every query, so you’ll need to test $query_sql to make sure it’s the query you … Read more
You have missed meta_value parameter. You can use like this : $today=date(‘Y-m-d’); $args = array( ‘numberposts’ => 10, ‘post_type’ => ‘events’, ‘meta_key’ => ‘event_date’, ‘meta_value >=’ => $today ); // get results $the_query = new WP_Query( $args );