Enforce a minimum of two arguments for wpdb::prepare(). The first argument is the query (or fragment thereof), which is required. Additional arguments are values to substitute into placeholders.

This will generate E_WARNINGs for insufficient arguments when prepare() is called with no additional arguments. This should discourage improper uses of prepare() under the guise of safely running a query. props xknown. fixes #22262. git-svn-id: https://develop.svn.wordpress.org/trunk@22429 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-07 19:30:59 +00:00 · 2012-11-07 19:30:59 +00:00 · a7097f60d5
parent d34180efc2
commit a7097f60d5
1 changed files with 1 additions and 1 deletions
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@ -987,7 +987,7 @@ class wpdb {
 	 * @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string
 	 * 	if there was something to prepare
 	 */
-	function prepare( $query = null ) { // ( $query, *$args )
+	function prepare( $query, $args ) {
 		if ( is_null( $query ) )
 			return;