
Working with the database in WordPress:
Get results
<?php
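global $wpdb;

// Every value in this query is a fixed literal and the table name comes from
// $wpdb itself, so there is nothing to bind. As soon as a value comes from a
// variable (request data, options, another query), build the statement with
// $wpdb->prepare() and a %d / %s / %f placeholder instead of interpolating it.
$results = $wpdb->get_results(
    "SELECT * FROM {$wpdb->posts}
     WHERE post_type = 'post' AND post_status = 'publish'
     ORDER BY post_date DESC"
);

// get_results() can return null when the query fails; the cast keeps the
// loop from receiving a non-array.
foreach ( (array) $results as $result ) {
    // Titles are stored data, not markup this template controls: escape on output.
    echo esc_html( $result->post_title );
}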
?> |
<?php
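global $wpdb;

// Every value in this query is a fixed literal and the table name comes from
// $wpdb itself, so there is nothing to bind. As soon as a value comes from a
// variable (request data, options, another query), build the statement with
// $wpdb->prepare() and a %d / %s / %f placeholder instead of interpolating it.
$results = $wpdb->get_results(
    "SELECT * FROM {$wpdb->posts}
     WHERE post_type = 'post' AND post_status = 'publish'
     ORDER BY post_date DESC"
);

// get_results() can return null when the query fails; the cast keeps the
// loop from receiving a non-array.
foreach ( (array) $results as $result ) {
    // Titles are stored data, not markup this template controls: escape on output.
    echo esc_html( $result->post_title );
}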
?>
Get row
<?php
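global $wpdb;

// The id is bound through a %d placeholder, so the pattern stays safe when
// the literal below is replaced by a value that comes from a variable.
$link_id = 25;
$row     = $wpdb->get_row(
    $wpdb->prepare( "SELECT * FROM {$wpdb->links} WHERE link_id = %d", $link_id )
);

// get_row() returns null when no row matches, so guard the property access.
if ( null !== $row ) {
    echo (int) $row->link_id; // prints "25"
}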
?> |
<?php
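global $wpdb;

// The id is bound through a %d placeholder, so the pattern stays safe when
// the literal below is replaced by a value that comes from a variable.
$link_id = 25;
$row     = $wpdb->get_row(
    $wpdb->prepare( "SELECT * FROM {$wpdb->links} WHERE link_id = %d", $link_id )
);

// get_row() returns null when no row matches, so guard the property access.
if ( null !== $row ) {
    echo (int) $row->link_id; // prints "25"
}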
?>
Insert row
<?php
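global $wpdb;

// insert() binds the values itself, so pass them raw: escaping them first
// would store the escape characters. Formats are matched to the data by position.
// 'column1'..'column3' are illustrative names, not real columns of the posts table.
$inserted = $wpdb->insert(
    $wpdb->posts,
    array(
        'column1' => 'value1', // string
        'column2' => 123,      // integer
        'column3' => 12.5,     // float
    ),
    array( '%s', '%d', '%f' ) // format (optional); values are treated as strings by default
);

// insert() returns false on failure. Read insert_id only after a successful
// insert, otherwise it may not refer to this statement.
$insert_id = ( false !== $inserted ) ? $wpdb->insert_id : 0; // AUTO_INCREMENT value of the new row, 0 on failure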
?> |
<?php
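global $wpdb;

// insert() binds the values itself, so pass them raw: escaping them first
// would store the escape characters. Formats are matched to the data by position.
// 'column1'..'column3' are illustrative names, not real columns of the posts table.
$inserted = $wpdb->insert(
    $wpdb->posts,
    array(
        'column1' => 'value1', // string
        'column2' => 123,      // integer
        'column3' => 12.5,     // float
    ),
    array( '%s', '%d', '%f' ) // format (optional); values are treated as strings by default
);

// insert() returns false on failure. Read insert_id only after a successful
// insert, otherwise it may not refer to this statement.
$insert_id = ( false !== $inserted ) ? $wpdb->insert_id : 0; // AUTO_INCREMENT value of the new row, 0 on failure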
?>
Get var
<?php
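global $wpdb;

// $sql is assumed to be built earlier. get_var() runs the string as given, so
// any variable value in it must already have been bound with $wpdb->prepare().
// The call returns a single value from the result, or null when there is none.
$value = $wpdb->get_var( $sql );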
?> |
<?php
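global $wpdb;

// $sql is assumed to be built earlier. get_var() runs the string as given, so
// any variable value in it must already have been bound with $wpdb->prepare().
// The call returns a single value from the result, or null when there is none.
$value = $wpdb->get_var( $sql );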
?>
Get col
<?php
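global $wpdb;

// $sql is assumed to be built earlier. get_col() runs the string as given, so
// any variable value in it must already have been bound with $wpdb->prepare().
// The call returns the values of one result column as an array.
$column = $wpdb->get_col( $sql );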
?> |
<?php
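global $wpdb;

// $sql is assumed to be built earlier. get_col() runs the string as given, so
// any variable value in it must already have been bound with $wpdb->prepare().
// The call returns the values of one result column as an array.
$column = $wpdb->get_col( $sql );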
?>
Update row
<?php
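global $wpdb;

// update() binds both the new values and the WHERE values itself, so pass
// them raw. 'column1' and 'column2' are illustrative column names.
$updated = $wpdb->update(
    $wpdb->posts,
    array(
        'column1' => 'value1', // string
        'column2' => 22,       // integer
    ),
    array( 'ID' => 15 ),  // where
    array( '%s', '%d' ),  // format (optional)
    array( '%d' )         // where_format (optional)
);

// update() returns the number of rows changed, or false on error. 0 is a
// valid result (nothing needed changing), so compare strictly against false.
if ( false === $updated ) {
    // Goes to the server log, not to the page.
    error_log( 'wpdb update failed: ' . $wpdb->last_error );
}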
?> |
<?php
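global $wpdb;

// update() binds both the new values and the WHERE values itself, so pass
// them raw. 'column1' and 'column2' are illustrative column names.
$updated = $wpdb->update(
    $wpdb->posts,
    array(
        'column1' => 'value1', // string
        'column2' => 22,       // integer
    ),
    array( 'ID' => 15 ),  // where
    array( '%s', '%d' ),  // format (optional)
    array( '%d' )         // where_format (optional)
);

// update() returns the number of rows changed, or false on error. 0 is a
// valid result (nothing needed changing), so compare strictly against false.
if ( false === $updated ) {
    // Goes to the server log, not to the page.
    error_log( 'wpdb update failed: ' . $wpdb->last_error );
}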
?>
Run any query
<?php
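global $wpdb;

// $number and $string stand for values supplied by the caller; "tablename" is
// a placeholder table name. prepare() quotes and escapes each %s value and
// casts each %d value, so placeholders are written without surrounding quotes.
$wpdb->query(
    $wpdb->prepare( 'DELETE FROM tablename WHERE post_id = %d AND meta_key = %s', $number, $string )
);

// Binding a hostile-looking value: the quote inside $firstname is escaped by
// prepare(), so the whole string is compared as data and never parsed as SQL.
$age       = 14;
$firstname = "Robert'; DROP TABLE Students;";
$sql       = $wpdb->prepare(
    'SELECT * FROM tablename WHERE age = %d AND firstname = %s',
    array( $age, $firstname )
);
$results   = $wpdb->get_results( $sql );

// LIKE needs two layers. esc_like() neutralises the wildcard characters
// (% and _) inside the search term; it does not make the value SQL-safe, so
// the result still goes through prepare(). like_escape() is the deprecated
// predecessor of $wpdb->esc_like().
// Unsafe form, shown only for contrast (the value is interpolated, not bound):
//   SELECT * FROM tablename WHERE age=$age AND (firstname LIKE '%$firstname%');
$query = $wpdb->prepare(
    'SELECT * FROM tablename WHERE age = %d AND (firstname LIKE %s)',
    array( $age, '%' . $wpdb->esc_like( $firstname ) . '%' )
);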
?> |
<?php
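global $wpdb;

// $number and $string stand for values supplied by the caller; "tablename" is
// a placeholder table name. prepare() quotes and escapes each %s value and
// casts each %d value, so placeholders are written without surrounding quotes.
$wpdb->query(
    $wpdb->prepare( 'DELETE FROM tablename WHERE post_id = %d AND meta_key = %s', $number, $string )
);

// Binding a hostile-looking value: the quote inside $firstname is escaped by
// prepare(), so the whole string is compared as data and never parsed as SQL.
$age       = 14;
$firstname = "Robert'; DROP TABLE Students;";
$sql       = $wpdb->prepare(
    'SELECT * FROM tablename WHERE age = %d AND firstname = %s',
    array( $age, $firstname )
);
$results   = $wpdb->get_results( $sql );

// LIKE needs two layers. esc_like() neutralises the wildcard characters
// (% and _) inside the search term; it does not make the value SQL-safe, so
// the result still goes through prepare(). like_escape() is the deprecated
// predecessor of $wpdb->esc_like().
// Unsafe form, shown only for contrast (the value is interpolated, not bound):
//   SELECT * FROM tablename WHERE age=$age AND (firstname LIKE '%$firstname%');
$query = $wpdb->prepare(
    'SELECT * FROM tablename WHERE age = %d AND (firstname LIKE %s)',
    array( $age, '%' . $wpdb->esc_like( $firstname ) . '%' )
);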
?>