WordPress 3.5 and wpdb:: prepare() error reporting solutions


WordPress 3.5 has been officially released. This version includes a lot of updates. It has enabled the latest responsive layout default theme “twenty twelve”; it has revised the admin interface, which is more concise and optimized for mobile devices; the media function has also been greatly improved, and now there is no reason to use other bed services

Good words, it’s time to “but”. But… WordPress follows the same style and secretly changes some internal methods. Nowwpdb::prepare()The second parameter must be filled in, otherwise an error is reported as follows

Warning: Missing argument 2 for wpdb::prepare(), called in xxx.php on line 75 and defined in /www/wp-includes/wp-db.php on line 990

wpdb->prepare() 方法在 WordPress 3.5 中报错

The second parameter of wpdb:: prepare()

Technically, WordPress is modified like thisprepareThere is no mistake, because this is the method used to assemble SQL statements. Normally, there must be a string with variables as the first parameter and the second as a variable parameter. This is to avoid the security problems caused by SQL injection. However, WordPress allows the writing method of ignoring the second parameter from version 2.2 or earlier. Now it suddenly makes the second parameter mandatory However, many themes and plug-ins cannot be used normally

I have shot all WordPress Themes and the latest comment plug-in WP recentcomments. Thanks for your reminding, I updated WP recentcomments half a month ago to solve this problem, but I haven’t had time to change the theme, because the theme review is too troublesome

Terms of settlement

Before updating the theme, I’ll talk about the solution here, so that users can solve it first. I believe that there are other themes or plug-ins that may have similar problems, and I hope it will help you

    We need to locate the file and code in question first. PHP code error reporting is very accurate. Open the file in error notification (the previous file, not WP dB. PHP) and find the code$wpdb->prepare. add an empty string as the second parameter for the method, such as:$wpdb->prepare('xxx');Change to$wpdb->prepare('xxx', '');Yes.


WordPress is not the first time to secretly modify the method invocation method. WordPress 2.7 also requirescomments_templateI have to enter the second method, but it was to expand the function. This time, I really don’t understand. In addition to security considerations, WordPress may also deliberately eliminate some topics that are not actively updated. My topics are clearly backward compatible, which is really too unethical