Page 1 of 1
Forum

Welcome to the Tweaking4All community forums!
When participating, please keep the Forum Rules in mind!

Topics for particular software or systems: Start your topic link with the name of the application or system.
For example “MacOS X – Your question“, or “MS Word – Your Tip or Trick“.

Please note that switching to another language when reading a post will not bring you to the same post, in Dutch, as there is no translation for that post!


Forums
Software Developmen...
Web Development
WordPress - Missing...
 
Share:
Notifications
Clear all

[Solved] WordPress - Missing argument 2 for wpdb::prepare()

 
Web Development
Last Post by Hans 12 years ago
5 Posts
2 Users
0 Reactions
1,718 Views
RSS
 Hans
(@hans)
Famed Member Admin
Joined: 12 years ago
Posts: 2859
Topic starter August 2, 2013 6:39 AM  

After I updated to WordPress 3.6, my website suddenly showed nasty error messages:

Missing argument 2 for wpdb::prepare()

At first I thought this was a bug introduced with 3.6 (WP forum) but reality showed me that I had been using $wpdb->prepare in the wrong way - so it wasn't a bug, it was my own mistake. More details can be found in this article.

Quick fix:

Some of us used the $wpdb->prepare() without additional parameters, with queries like this;

$wpdb->get_row($wpdb->prepare( "SELECT COUNT(*) FROM table" ));

Obviously the prepare() function is not needed for this query. There is nothing to sanitize. Normally you use prepare() to make sure that parameters that you pass to the query (%d, %s, %f) are cleaned up to avoid malicious crap going down.

The above query should be:

$wpdb->get_row( "SELECT COUNT(*) FROM table" );

For queries that do take parameters I made the mistake to do something like this:

$wpdb->prepare( "SELECT * FROM table WHERE id = ".$id." AND active=1" );

Which in this case means that the function prepare() doesn't sanitize anything and is doing absolutely nothing.
Rewrite such a query for example to:

$wpdb->prepare( "SELECT * FROM table WHERE id = %d AND active=1", $id );

This will fix the nasty error message.


   
ReplyQuote
 lcosta72
(@lcosta72)
New Member
Joined: 12 years ago
Posts: 2
August 3, 2013 11:48 PM  

hello

sorry for being new at wp.

I believe that in order to solve this error I have to replace some text for the one you present in the text boxes. but I don't know in which file shall I do it and where to find the text to replace.

can somebody help me with that.


   
ReplyQuote
 Hans
(@hans)
Famed Member Admin
Joined: 12 years ago
Posts: 2859
Topic starter August 4, 2013 5:09 AM  

The text you have to change can be found in the PHP files of your theme or plugins.

Since you're relatively new to WP:
If you didn't develop either yourself, then contact the developer - because you'll be modifying some of the inner workings of the theme or plugin.
If you DID develop the theme (or plugin) yourself, then checkout the PHP files you find in your theme folder (wp-content/themes/<your theme name>).

The most common files to start with:

  • functions.php
  • index.php
  • page.php
  • sidebar.php
There will be other files (like footer.php) of course, but I'm guessing that those are less likely candidates to find $wpdb->prepare().
I'd start with investigating the theme and specifically the functions.php.
I personally use Dreamweaver for this, but any good text editor should offer a "search" function.


   
ReplyQuote
 lcosta72
(@lcosta72)
New Member
Joined: 12 years ago
Posts: 2
August 4, 2013 12:26 PM  

thank you for your help.


   
ReplyQuote
 Hans
(@hans)
Famed Member Admin
Joined: 12 years ago
Posts: 2859
Topic starter August 4, 2013 2:10 PM  

You're most welcome. Hope you managed fixing the error message 


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: