Is get_results Already Escaped?

  • Question regarding the get_results method on the wpdb class…

    Is the query entered into the get_result method escaped by get_results or should I be placing a call to the prepare method inside of get_results?

    $wpdb->get_results($sql);

    or

    $wpdb->get_results($wpdb->prepare($sql));

    Digging through the wpdb class file it seems like no, but would like some assurance.

Viewing 1 replies (of 1 total)

  • You are right. You need to parepare the query string before it goes to get_results. Using $wpdb->prepare() as you are there is the right way to do it.

Viewing 1 replies (of 1 total)
  • The topic ‘Is get_results Already Escaped?’ is closed to new replies.