We have tried this way. But it is not working. please any one tell alternative method in wordpress
$wpdb->query("UPDATE ".$wpdb->prefix."recommend_bets SET `title`='".mysqli_real_escape_string($title)."',`category`='".$catID."',....
Asked
Active
Viewed 3,340 times
-1
Your Common Sense
- 156,878
- 40
- 214
- 345
Arun Kumar
- 1,607
- 1
- 18
- 33
-
`mysql_real_escape_string()` used this instead of `mysqli_real_escape_string()` – Jenish Mar 22 '18 at 06:57
-
mysqli_real_escape_string() - not working @Jenish – Arun Kumar Mar 22 '18 at 06:58
2 Answers
3
When working with database in WordPress you should never use the low lever mysql_* or mysqli_* functions.
Always use $wpdb methods, in your case you should use prepare():
<?php
$wpdb->query( $wpdb->prepare(
"UPDATE ".$wpdb->prefix."recommend_bets
SET title = %s,
titleb = %s
WHERE ID = %d
",
'static', 'static2', 7
) );
// Or
$wpdb->update(
'table',
array(
'column1' => 'value1', // string
'column2' => 'value2' // integer (number)
),
array( 'ID' => 1 ),
array(
'%s', // value1
'%d' // value2
),
array( '%d' )
);
?>
Rushil K. Pachchigar
- 1,263
- 2
- 21
- 40
0
You can use wpdb::_real_escape( string $string ) function.
https://developer.wordpress.org/reference/classes/wpdb/_real_escape/
Sushma Biradar
- 56
- 1