WordPress 3.5 And WPDB Prepare

What’s happening and Why?

We’ve noticed a warning popping up in a few of our themes with the newest WordPress update (version 3.5). This is caused by a change in WordPress’s functionality to make it more secure.

What’s the error?

The error will look like this:
“Warning: Missing argument 2 for wpdb::prepare()”

How do I fix it?

If you are seeing an error after upgrading to WordPress 3.5 that says something like this, you need to upgrade your theme.

We have fixed this with all of our themes and they are ready to download and re-install from your account page.

What if I have customized my theme’s code and don’t want to upgrade?

For those of you who have customized your theme’s code and don’t want to do a full upgrade, you’ll need to take a look at the warning message.

Here’s a sample error we have fixed from the Biznify Theme:

Warning: Missing argument 2 for wpdb::prepare(), called in /home/mintthem/public_html/demo/wp-content/themes/Biznify/products-pagetemplate.php on line 39 and defined in /home/mintthem/public_html/demo/wp-includes/wp-db.php on line 990

Step 1: Open the file named in the warning (in this case, products-pagetemplate.php) and go to the line it refers to (in this case, line 39).

Step 2: Find the code that looks like this: $wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '$item_number';")

Step 3: Replace $item_number with %d

Step 4: Add $item_number after the last quotation mark. Also, make sure to put a comma before it. (notice the comma before $item_number below)

Example: $wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '%d';", $item_number)

Completed Example Code:

Here is an example of the complete line of code after it has been fixed:

$price = $wpdb->get_var($wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '%d';", $item_number));
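A customized theme may contain more single-argument prepare() calls than the one named in the warning. The following is an added example, not code from this page or from WordPress: a small Python scanner (the function names and the sample PHP are constructed for illustration) that lists $wpdb->prepare() calls missing argument 2, together with the variables interpolated into the query string, so each can be fixed with Steps 1 to 4.

```python
import re

CALL = re.compile(r"\$wpdb\s*->\s*prepare\s*\(")  # start of a $wpdb->prepare( call
VAR = re.compile(r"\$\w+")                        # PHP variables in the query string

def split_args(src, pos):
    """Split the call whose '(' ends at pos into top-level arguments."""
    args, cur, depth, quote = [], [], 1, None
    while pos < len(src):
        ch = src[pos]
        if quote:                          # inside a PHP string literal
            cur.append(ch)
            if ch == "\\":                 # keep the escaped character as-is
                pos += 1
                cur.append(src[pos:pos + 1])
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
            cur.append(ch)
        elif ch == "," and depth == 1:     # separator between arguments
            args.append("".join(cur).strip())
            cur = []
        else:
            depth += (ch in "([") - (ch in ")]")
            if depth == 0:                 # closing parenthesis of prepare()
                return args + ["".join(cur).strip()]
            cur.append(ch)
        pos += 1
    return None                            # unbalanced call, skip it

def find_unsafe_prepare(php_source):
    """Return (line, interpolated variables) for one-argument prepare() calls."""
    findings = []
    for m in CALL.finditer(php_source):
        args = split_args(php_source, m.end())
        if args is not None and len(args) == 1:
            line = php_source.count("\n", 0, m.start()) + 1
            findings.append((line, VAR.findall(args[0])))
    return findings

# Constructed sample, not a real theme file.
SAMPLE = r'''<?php
$a = $wpdb->get_var($wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '$item_number';"));
$b = $wpdb->get_var($wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '%d';", $item_number));
$c = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->prefix}zones LIMIT %d, %d", ($page - 1) * $per_page, $per_page));
'''

if __name__ == "__main__":
    for line, variables in find_unsafe_prepare(SAMPLE):
        print(f"line {line}: prepare() has no argument 2; interpolated: {variables}")
```

The scanner is a heuristic: it does not skip PHP comments or heredoc strings, so review each reported line by hand.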

Need Support?

Again the easiest way to fix this problem is by upgrading the theme. To do this, log into your account with us and download the latest version.

As always, we are ready to help at any time. Give us a shout if you run into trouble and we can walk you through it.

 

8 Comments

  1. Hi,

    $price = $wpdb->get_var($wpdb->prepare("SELECT price FROM $table_name WHERE item_number = '%d';", $item_number));

    This code only stops the DB issue but did not work for me. After using this PHP code, the price is not showing on some products and the AJAX add to cart button is not working. Can you suggest something?

    Thanks,
    Vijay

  2. I'm having a problem. I can't figure it out. Can you help me? I'm almost there, I can feel it.

    /*$this->items = $wpdb->get_results( $wpdb->prepare( "
    SELECT * FROM {$wpdb->prefix}woocommerce_shipping_zones
    ORDER BY `zone_order` ASC LIMIT %d, %d
    ", ( $current_page - 1 ) * $per_page, $per_page ) );*/

    $this->items = $wpdb->get_results( $wpdb->prepare( "
    SELECT * FROM {$wpdb->prefix}woocommerce_shipping_zones
    ORDER BY `zone_order` ASC
    " ) );
