wpdb::esc_like PHP Method

esc_like() public method

Use this only before wpdb::prepare() or esc_sql(). Reversing the order is very bad for security.

Example Prepared Statement:

    $wild = '%';
    $find = 'only 43% of planets';
    $like = $wild . $wpdb->esc_like( $find ) . $wild;
    $sql  = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like );

Example Escape Chain:

    $sql = esc_sql( $wpdb->esc_like( $input ) );

Since: 4.0.0
    public esc_like ( string $text ) : string

Parameter $text (string): The raw text to be escaped. The input typed by the user should have no extra or deleted slashes.

Returns (string): Text in the form of a LIKE phrase. The output is not SQL safe. Call $wpdb::prepare() or real_escape next.

    public function esc_like($text)
    {
        return addcslashes($text, '_%\\');
    }
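
Why the order matters, as an added example that is not WordPress code: it applies the two escaping steps to one constructed input in both orders and checks whether a quote would end the SQL string literal early. The names demo_esc_like, demo_sql_escape and has_unescaped_quote are hypothetical, and addslashes() is an assumed stand-in for esc_sql() so the script runs without a database connection.

```php
<?php
// Added illustration; not WordPress core code.

// Same body as wpdb::esc_like() shown above: escapes _, % and \ for LIKE.
function demo_esc_like(string $text): string
{
    return addcslashes($text, '_%\\');
}

// ASSUMPTION: stand-in for esc_sql()/real_escape so the demo needs no
// database connection. addslashes() only models the backslash-quoting of a
// string literal; it is not a safe substitute in real code.
function demo_sql_escape(string $text): string
{
    return addslashes($text);
}

// True if some quote in $literal_body is preceded by an even number of
// backslashes, i.e. it would terminate a '...' SQL string literal early.
function has_unescaped_quote(string $literal_body): bool
{
    $backslashes = 0;
    for ($i = 0, $n = strlen($literal_body); $i < $n; $i++) {
        $ch = $literal_body[$i];
        if ($ch === '\\') {
            $backslashes++;
            continue;
        }
        if ($ch === "'" && $backslashes % 2 === 0) {
            return true;
        }
        $backslashes = 0; // any other character ends the backslash run
    }
    return false;
}

$input = "50%_off at O'Reilly"; // constructed sample input

$correct  = demo_sql_escape(demo_esc_like($input)); // LIKE-escape, then SQL-escape
$reversed = demo_esc_like(demo_sql_escape($input)); // wrong order

// In the reversed chain esc_like() doubles the backslash that was protecting
// the quote, so the quote is no longer escaped inside the SQL literal.
printf("correct : %s | unescaped quote: %s\n", $correct, var_export(has_unescaped_quote($correct), true));
printf("reversed: %s | unescaped quote: %s\n", $reversed, var_export(has_unescaped_quote($reversed), true));
```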

Usage Example

Code Example #1
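 // Appends a post_title LIKE condition when the query has a 'like_title' variable.
 function posts_where($where, &$wp_query)
 {
     global $wpdb;
     if ($title = $wp_query->get('like_title')) {
         // esc_like() is an instance method, so call it on $wpdb.
         // LIKE-escape first, then esc_sql(), matching the documented escape chain.
         $where .= " AND " . $wpdb->posts . ".post_title LIKE '%" . esc_sql($wpdb->esc_like($title)) . "%'";
     }
     return $where;
 }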